Pid Eins

The Trials Of A Long Journey Always Feeling, Civilized Travel Pass Reputation. · Let’s have a look how traditional Linux distributions set up `/boot/` and the ESP, and how this could be improved.

sudo DESTDIR=/run/extensions/systemd-test meson install -C build --quiet --no-rebuild &&
        sudo systemd-sysext refresh --force

sudo systemd-sysext unmerge

systemd-nspawn \
        --directory=/ \
        --volatile=yes \
        -U \
        --set-credential=passwd.hashed-password.root:$(mkpasswd mysecret) \
        --set-credential=firstboot.locale:C.UTF-8 \
        --bind-user=lennart \
        -b

# systemd-cryptenroll --fido2-device=auto /dev/sda5

myvolume /dev/sda5 - fido2-device=auto

# ykman piv reset
# ykman piv generate-key -a RSA2048 9d pubkey.pem
# ykman piv generate-certificate --subject "Knobelei" 9d pubkey.pem
# rm pubkey.pem

# systemd-cryptenroll --pkcs11-token-uri=auto /dev/sda5

myvolume /dev/sda5 - pkcs11-uri=auto

# systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/sda5

myvolume /dev/sda5 - tpm2-device=auto

# systemd-cryptenroll --recovery-key /dev/sda5

# portablectl attach ./portable-walkthrough-go.raw
(Matching unit files with prefix 'portable-walkthrough-go'.)
Created directory /etc/systemd/system.attached.
Created directory /etc/systemd/system.attached/portable-walkthrough-go.socket.d.
Written /etc/systemd/system.attached/portable-walkthrough-go.socket.d/20-portable.conf.
Copied /etc/systemd/system.attached/portable-walkthrough-go.socket.
Created directory /etc/systemd/system.attached/portable-walkthrough-go.service.d.
Written /etc/systemd/system.attached/portable-walkthrough-go.service.d/20-portable.conf.
Created symlink /etc/systemd/system.attached/portable-walkthrough-go.service.d/10-profile.conf → /usr/lib/systemd/portable/profile/default/service.conf.
Copied /etc/systemd/system.attached/portable-walkthrough-go.service.
Created symlink /etc/portables/portable-walkthrough-go.raw → /home/lennart/projects/portable-walkthrough-go/portable-walkthrough-go.raw.

# systemctl start portable-walkthrough-go.socket

# curl localhost:8088
Hello! You are visitor #1!

# curl localhost:8088
Hello! You are visitor #2!

# systemctl stop portable-walkthrough-go.service portable-walkthrough-go.socket
# portablectl detach portable-walkthrough-go
Removed /etc/systemd/system.attached/portable-walkthrough-go.service.
Removed /etc/systemd/system.attached/portable-walkthrough-go.service.d/10-profile.conf.
Removed /etc/systemd/system.attached/portable-walkthrough-go.service.d/20-portable.conf.
Removed /etc/systemd/system.attached/portable-walkthrough-go.service.d.
Removed /etc/systemd/system.attached/portable-walkthrough-go.socket.
Removed /etc/systemd/system.attached/portable-walkthrough-go.socket.d/20-portable.conf.
Removed /etc/systemd/system.attached/portable-walkthrough-go.socket.d.
Removed /etc/portables/portable-walkthrough-go.raw.
Removed /etc/systemd/system.attached.

$ git clone https://github.com/systemd/portable-walkthrough.git

# /usr/lib/systemd/portablectl attach ./walkthroughd_1.raw
(Matching unit files with prefix 'walkthroughd'.)
Created directory /etc/systemd/system/walkthroughd.service.d.
Written /etc/systemd/system/walkthroughd.service.d/20-portable.conf.
Created symlink /etc/systemd/system/walkthroughd.service.d/10-profile.conf → /usr/lib/systemd/portable/profile/default/service.conf.
Copied /etc/systemd/system/walkthroughd.service.
Created symlink /etc/portables/walkthroughd_1.raw → /home/lennart/projects/portable-walkthrough/walkthroughd_1.raw.

# systemctl status walkthroughd.service
● walkthroughd.service - A simple example service
   Loaded: loaded (/etc/systemd/system/walkthroughd.service; disabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/walkthroughd.service.d
           └─10-profile.conf, 20-portable.conf
   Active: inactive (dead)

# systemctl enable --now walkthroughd.service
Created symlink /etc/systemd/system/multi-user.target.wants/walkthroughd.service → /etc/systemd/system/walkthroughd.service.

# systemctl status walkthroughd.service
● walkthroughd.service - A simple example service
   Loaded: loaded (/etc/systemd/system/walkthroughd.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/walkthroughd.service.d
           └─10-profile.conf, 20-portable.conf
   Active: active (running) since Wed 2018-06-27 17:55:30 CEST; 4s ago
 Main PID: 45003 (walkthroughd)
    Tasks: 1 (limit: 4915)
   Memory: 4.3M
   CGroup: /system.slice/walkthroughd.service
           └─45003 /usr/local/lib/walkthroughd/walkthroughd

Jun 27 17:55:30 sigma walkthroughd[45003]: Initializing.

# systemctl disable --now walkthroughd.service
Removed /etc/systemd/system/multi-user.target.wants/walkthroughd.service.
# /usr/lib/systemd/portablectl detach ./walkthroughd_1.raw
Removed /etc/systemd/system/walkthroughd.service.
Removed /etc/systemd/system/walkthroughd.service.d/10-profile.conf.
Removed /etc/systemd/system/walkthroughd.service.d/20-portable.conf.
Removed /etc/systemd/system/walkthroughd.service.d.
Removed /etc/portables/walkthroughd_1.raw.

# systemctl status walkthroughd
Unit walkthroughd.service could not be found.

[Service]
ExecStart=/usr/bin/ping 8.8.8.8
IPAccounting=yes

# systemctl daemon-reload
# systemctl start ip-accounting-test
# systemctl status ip-accounting-test
● ip-accounting-test.service
   Loaded: loaded (/etc/systemd/system/ip-accounting-test.service; static; vendor preset: disabled)
   Active: active (running) since Mon 2017-10-09 18:05:47 CEST; 1s ago
 Main PID: 32152 (ping)
       IP: 168B in, 168B out
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/ip-accounting-test.service
           └─32152 /usr/bin/ping 8.8.8.8

Okt 09 18:05:47 sigma systemd[1]: Started ip-accounting-test.service.
Okt 09 18:05:47 sigma ping[32152]: PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
Okt 09 18:05:47 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=1 ttl=59 time=29.2 ms
Okt 09 18:05:48 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=2 ttl=59 time=28.0 ms

# systemctl status ip-accounting-test
● ip-accounting-test.service
   Loaded: loaded (/etc/systemd/system/ip-accounting-test.service; static; vendor preset: disabled)
   Active: active (running) since Mon 2017-10-09 18:05:47 CEST; 4min 28s ago
 Main PID: 32152 (ping)
       IP: 22.2K in, 22.2K out
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/ip-accounting-test.service
           └─32152 /usr/bin/ping 8.8.8.8

Okt 09 18:10:07 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=260 ttl=59 time=27.7 ms
Okt 09 18:10:08 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=261 ttl=59 time=28.0 ms
Okt 09 18:10:09 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=262 ttl=59 time=33.8 ms
Okt 09 18:10:10 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=263 ttl=59 time=48.9 ms
Okt 09 18:10:11 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=264 ttl=59 time=27.2 ms
Okt 09 18:10:12 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=265 ttl=59 time=27.0 ms
Okt 09 18:10:13 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=266 ttl=59 time=26.8 ms
Okt 09 18:10:14 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=267 ttl=59 time=27.4 ms
Okt 09 18:10:15 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=268 ttl=59 time=29.7 ms
Okt 09 18:10:16 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=269 ttl=59 time=27.6 ms

# systemctl show ip-accounting-test -p IPIngressBytes -p IPIngressPackets -p IPEgressBytes -p IPEgressPackets
IPIngressBytes=37776
IPIngressPackets=449
IPEgressBytes=37776
IPEgressPackets=449

# systemctl stop ip-accounting-test

# journalctl -u ip-accounting-test -n 5
-- Logs begin at Thu 2016-08-18 23:09:37 CEST, end at Mon 2017-10-09 18:17:02 CEST. --
Okt 09 18:15:50 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=603 ttl=59 time=26.9 ms
Okt 09 18:15:51 sigma ping[32152]: 64 bytes from 8.8.8.8: icmp_seq=604 ttl=59 time=27.2 ms
Okt 09 18:15:52 sigma systemd[1]: Stopping ip-accounting-test.service...
Okt 09 18:15:52 sigma systemd[1]: Stopped ip-accounting-test.service.
Okt 09 18:15:52 sigma systemd[1]: ip-accounting-test.service: Received 49.5K IP traffic, sent 49.5K IP traffic

# journalctl -u ip-accounting-test -n 1 -o verbose
-- Logs begin at Thu 2016-08-18 23:09:37 CEST, end at Mon 2017-10-09 18:18:50 CEST. --
Mon 2017-10-09 18:15:52.649028 CEST [s=89a2cc877fdf4dafb2269a7631afedad;i=14d7;b=4c7e7adcba0c45b69d612857270716d3;m=137592e75e;t=55b1f81298605;x=c3c9b57b28c9490e]
    PRIORITY=6
    _BOOT_ID=4c7e7adcba0c45b69d612857270716d3
    _MACHINE_ID=e87bfd866aea4ae4b761aff06c9c3cb3
    _HOSTNAME=sigma
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    _UID=0
    _GID=0
    _TRANSPORT=journal
    _PID=1
    _COMM=systemd
    _EXE=/usr/lib/systemd/systemd
    _CAP_EFFECTIVE=3fffffffff
    _SYSTEMD_CGROUP=/init.scope
    _SYSTEMD_UNIT=init.scope
    _SYSTEMD_SLICE=-.slice
    CODE_FILE=../src/core/unit.c
    _CMDLINE=/usr/lib/systemd/systemd --switched-root --system --deserialize 25
    _SELINUX_CONTEXT=system_u:system_r:init_t:s0
    UNIT=ip-accounting-test.service
    CODE_LINE=2115
    CODE_FUNC=unit_log_resources
    MESSAGE_ID=ae8f7b866b0347b9af31fe1c80b127c0
    INVOCATION_ID=98a6e756fa9d421d8dfc82b6df06a9c3
    IP_METRIC_INGRESS_BYTES=50880
    IP_METRIC_INGRESS_PACKETS=605
    IP_METRIC_EGRESS_BYTES=50880
    IP_METRIC_EGRESS_PACKETS=605
    MESSAGE=ip-accounting-test.service: Received 49.6K IP traffic, sent 49.6K IP traffic
    _SOURCE_REALTIME_TIMESTAMP=1507565752649028

# journalctl -u ip-accounting-test MESSAGE_ID=ae8f7b866b0347b9af31fe1c80b127c0
-- Logs begin at Thu 2016-08-18 23:09:37 CEST, end at Mon 2017-10-09 18:25:27 CEST. --
Okt 09 18:15:52 sigma systemd[1]: ip-accounting-test.service: Received 49.6K IP traffic, sent 49.6K IP traffic

# systemd-run -p IPAccounting=yes --wait wget https://cfp.all-systems-go.io/en/ASG2017/public/schedule/2.pdf
Running as unit: run-u2761.service
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 878ms
IP traffic received: 231.0K
IP traffic sent: 3.7K

# systemd-run -p IPAccounting=1 -t /bin/sh
Running as unit: run-u2779.service
Press ^] three times within 1s to disconnect TTY.
sh-4.4# dnf update
…
sh-4.4# dnf install firefox
…
sh-4.4# exit
Finished with result: success
Main processes terminated with: code=exited/status=0
Service runtime: 5.297s
IP traffic received: …B
IP traffic sent: …B

# systemd-run -p IPAddressDeny=any -p IPAddressAllow=8.8.8.8 -p IPAddressAllow=127.0.0.0/8 -t /bin/sh
Running as unit: run-u2850.service
Press ^] three times within 1s to disconnect TTY.
sh-4.4# ping 8.8.8.8 -c1
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=59 time=27.9 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 27.957/27.957/27.957/0.000 ms
sh-4.4# ping 8.8.4.4 -c1
PING 8.8.4.4 (8.8.4.4) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
^C
--- 8.8.4.4 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
sh-4.4# ping 127.0.0.2 -c1
PING 127.0.0.1 (127.0.0.2) 56(84) bytes of data.
64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.116 ms

--- 127.0.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.116/0.116/0.116/0.000 ms
sh-4.4# exit

# systemctl set-property system.slice IPAddressDeny=any IPAddressAllow=localhost
# systemctl set-property apache.service IPAddressAllow=10.0.0.0/8

# systemd-resolve 0pointer.de
0pointer.de: 85.214.157.71
             2a01:238:43ed:c300:10c3:bcf3:3266:da74
-- Information acquired via protocol DNS in 2.8ms.
-- Data is authenticated: no
# systemd-run --pipe -p IPAddressDeny=any \
                     -p IPAddressAllow=85.214.157.71 \
                     -p IPAddressAllow=2a01:238:43ed:c300:10c3:bcf3:3266:da74 \
                     -p DynamicUser=yes \
                     curl http://0pointer.de/public/casync-kinvolk2017.pdf | lp

# cat > /etc/systemd/system/dynamic-user-test.service <<EOF
[Service]
ExecStart=/usr/bin/sleep 4711
DynamicUser=yes
EOF
# systemctl daemon-reload
# systemctl start dynamic-user-test
# systemctl status dynamic-user-test
● dynamic-user-test.service
   Loaded: loaded (/etc/systemd/system/dynamic-user-test.service; static; vendor preset: disabled)
   Active: active (running) since Fri 2017-10-06 13:12:25 CEST; 3s ago
 Main PID: 2967 (sleep)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/dynamic-user-test.service
           └─2967 /usr/bin/sleep 4711

Okt 06 13:12:25 sigma systemd[1]: Started dynamic-user-test.service.
# ps -e -o pid,comm,user | grep 2967
 2967 sleep           dynamic-user-test
# id dynamic-user-test
uid=64642(dynamic-user-test) gid=64642(dynamic-user-test) groups=64642(dynamic-user-test)
# systemctl stop dynamic-user-test
# id dynamic-user-test
id: ‘dynamic-user-test’: no such user

# systemd-run --pty --property=DynamicUser=yes --property=StateDirectory=wuff /bin/sh
Running as unit: run-u15750.service
Press ^] three times within 1s to disconnect TTY.
sh-4.4$ id
uid=63122(run-u15750) gid=63122(run-u15750) groups=63122(run-u15750) context=system_u:system_r:initrc_t:s0
sh-4.4$ ls -al /var/lib/private/
total 0
drwxr-xr-x. 3 root       root        60  6. Okt 13:21 .
drwxr-xr-x. 1 root       root       852  6. Okt 13:21 ..
drwxr-xr-x. 1 run-u15750 run-u15750   8  6. Okt 13:22 wuff
sh-4.4$ ls -ld /var/lib/wuff
lrwxrwxrwx. 1 root root 12  6. Okt 13:21 /var/lib/wuff -> private/wuff
sh-4.4$ ls -ld /var/lib/wuff/
drwxr-xr-x. 1 run-u15750 run-u15750 0  6. Okt 13:21 /var/lib/wuff/
sh-4.4$ echo hello > /var/lib/wuff/test
sh-4.4$ exit
exit
# id run-u15750
id: ‘run-u15750’: no such user
# ls -al /var/lib/private
total 0
drwx------. 1 root  root   66  6. Okt 13:21 .
drwxr-xr-x. 1 root  root  852  6. Okt 13:21 ..
drwxr-xr-x. 1 63122 63122   8  6. Okt 13:22 wuff
# ls -ld /var/lib/wuff
lrwxrwxrwx. 1 root root 12  6. Okt 13:21 /var/lib/wuff -> private/wuff
# ls -ld /var/lib/wuff/
drwxr-xr-x. 1 63122 63122 8  6. Okt 13:22 /var/lib/wuff/
# cat /var/lib/wuff/test
hello

# systemd-run --pty --property=DynamicUser=yes --property=StateDirectory=wuff /bin/sh
Running as unit: run-u16087.service
Press ^] three times within 1s to disconnect TTY.
sh-4.4$ cat /var/lib/wuff/test
hello
sh-4.4$ ls -al /var/lib/wuff/
total 4
drwxr-xr-x. 1 run-u16087 run-u16087  8  6. Okt 13:22 .
drwxr-xr-x. 3 root       root       60  6. Okt 15:42 ..
-rw-r--r--. 1 run-u16087 run-u16087  6  6. Okt 13:22 test
sh-4.4$ id
uid=63122(run-u16087) gid=63122(run-u16087) groups=63122(run-u16087) context=system_u:system_r:initrc_t:s0
sh-4.4$ exit
exit

# cat some-file.txt | systemd-run ---pipe --property=DynamicUser=1 sort -u | grep -i foobar > some-other-file.txt

[Service]
ExecStart=/usr/bin/myfoobarserviced
DynamicUser=1
StateDirectory=foobar/%i

# systemctl enable foobard@customerxyz.service --now

[Socket]
ListenStream=2048
Accept=yes

[Service]
ExecStart=-/usr/bin/myservicebinary
DynamicUser=yes

# mkosi

# mkosi

# systemd-nspawn -bi image.raw

# mkosi -t raw_btrfs --bootable -o foobar.raw
# systemd-nspawn -bi foobar.raw

qemu-kvm -m 512 -smp 2 -bios /usr/share/edk2/ovmf/OVMF_CODE.fd -drive format=raw,file=foobar.raw

# mkosi -d fedora -t directory -o quux
# systemd-nspawn -bD quux

# mkosi -d fedora -t raw_squashfs --checksum --xz --package=openssh-clients --package=emacs

# cat > mkosi.default <<EOF
[Distribution]
Distribution=fedora
Release=24

[Output]
Format=raw_btrfs
Bootable=yes

[Packages]
# The packages to appear in both the build and the final image
Packages=openssh-clients httpd
# The packages to appear in the build image, but absent from the final image
BuildPackages=make gcc libcurl-devel
EOF

# cat > mkosi.build <<EOF
#!/bin/sh
./autogen.sh
./configure --prefix=/usr
make -j `nproc`
make install
EOF
# chmod +x mkosi.build

# mkosi

# systemd-nspawn -bi image.raw

# mkdir mkosi.cache

# mkosi -i

# mkosi -if && systemd-nspawn -bi image.raw

# mkosi -iff && systemd-nspawn -bi image.raw

$ casync make foobar.caidx /some/directory

$ casync make foobar.caibx /dev/sda1

$ casync make foobar.caibx myimage.raw

$ casync extract foobar.caidx /some/other/directory

$ casync extract foobar.caibx /dev/sdb1

$ casync extract foobar.caibx myotherimage.raw

$ casync extract http://example.com/images/foobar.caidx /some/other/directory

$ casync make ssh.example.com:images/foobar.caidx /some/directory

$ casync extract http://example.com/images/foobar.caidx --seed=/some/exising/directory /some/other/directory

$ casync extract http://example.com/images/foobar.caibx --seed=/dev/sda1 /dev/sdb2

$ casync make foobar.caidx --with=sec-time --with=symlinks --with=read-only /some/dir

$ casync mount http://example.comf/images/foobar.caidx /mnt/foobar

$ casync mkdev http://example.comf/images/foobar.caibx

$ casync digest .

$ casync digest --with=unix .

$ casync digest --without=flag-immutable

$ casync list http://example.com/images/foobar.caidx

$ casync mtree http://example.com/images/foobar.caidx

…
[Service]
ExecStart=/usr/bin/mydaemon
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
…

#include <alloca.h>
#include <endian.h>
#include <errno.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <unistd.h>

#include <systemd/sd-daemon.h>
#include <systemd/sd-event.h>

static int io_handler(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
        void *buffer;
        ssize_t n;
        int sz;

        /* UDP enforces a somewhat reasonable maximum datagram size of 64K, we can just allocate the buffer on the stack */
        if (ioctl(fd, FIONREAD, &sz) < 0)
                return -errno;
        buffer = alloca(sz);

        n = recv(fd, buffer, sz, 0);
        if (n < 0) {
                if (errno == EAGAIN)
                        return 0;

                return -errno;
        }

        if (n == 5 && memcmp(buffer, "EXIT\n", 5) == 0) {
                /* Request a clean exit */
                sd_event_exit(sd_event_source_get_event(es), 0);
                return 0;
        }

        fwrite(buffer, 1, n, stdout);
        fflush(stdout);
        return 0;
}

int main(int argc, char *argv[]) {
        union {
                struct sockaddr_in in;
                struct sockaddr sa;
        } sa;
        sd_event_source *event_source = NULL;
        sd_event *event = NULL;
        int fd = -1, r;
        sigset_t ss;

        r = sd_event_default(&event);
        if (r < 0)
                goto finish;

        if (sigemptyset(&ss) < 0 ||
            sigaddset(&ss, SIGTERM) < 0 ||
            sigaddset(&ss, SIGINT) < 0) {
                r = -errno;
                goto finish;
        }

        /* Block SIGTERM first, so that the event loop can handle it */
        if (sigprocmask(SIG_BLOCK, &ss, NULL) < 0) {
                r = -errno;
                goto finish;
        }

        /* Let's make use of the default handler and "floating" reference features of sd_event_add_signal() */
        r = sd_event_add_signal(event, NULL, SIGTERM, NULL, NULL);
        if (r < 0)
                goto finish;
        r = sd_event_add_signal(event, NULL, SIGINT, NULL, NULL);
        if (r < 0)
                goto finish;

        /* Enable automatic service watchdog support */
        r = sd_event_set_watchdog(event, true);
        if (r < 0)
                goto finish;

        fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (fd < 0) {
                r = -errno;
                goto finish;
        }

        sa.in = (struct sockaddr_in) {
                .sin_family = AF_INET,
                .sin_port = htobe16(7777),
        };
        if (bind(fd, &sa.sa, sizeof(sa)) < 0) {
                r = -errno;
                goto finish;
        }

        r = sd_event_add_io(event, &event_source, fd, EPOLLIN, io_handler, NULL);
        if (r < 0)
                goto finish;

        (void) sd_notifyf(false,
                          "READY=1\n"
                          "STATUS=Daemon startup completed, processing events.");

        r = sd_event_loop(event);

finish:
        event_source = sd_event_source_unref(event_source);
        event = sd_event_unref(event);

        if (fd >= 0)
                (void) close(fd);

        if (r < 0)
                fprintf(stderr, "Failure: %s\n", strerror(-r));

        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

$ gcc event-example.c -o event-example `pkg-config --cflags --libs libsystemd`

$ nc -u localhost 7777

$ busctl
NAME                                       PID PROCESS         USER             CONNECTION    UNIT                      SESSION    DESCRIPTION
:1.1                                         1 systemd         root             :1.1          -                         -          -
:1.11                                      705 NetworkManager  root             :1.11         NetworkManager.service    -          -
:1.14                                      744 gdm             root             :1.14         gdm.service               -          -
:1.4                                       708 systemd-logind  root             :1.4          systemd-logind.service    -          -
:1.7200                                  17563 busctl          lennart          :1.7200       session-1.scope           1          -
[…]
org.freedesktop.NetworkManager             705 NetworkManager  root             :1.11         NetworkManager.service    -          -
org.freedesktop.login1                     708 systemd-logind  root             :1.4          systemd-logind.service    -          -
org.freedesktop.systemd1                     1 systemd         root             :1.1          -                         -          -
org.gnome.DisplayManager                   744 gdm             root             :1.14         gdm.service               -          -
[…]

$ busctl tree org.freedesktop.login1
└─/org/freedesktop/login1
  ├─/org/freedesktop/login1/seat
  │ ├─/org/freedesktop/login1/seat/seat0
  │ └─/org/freedesktop/login1/seat/self
  ├─/org/freedesktop/login1/session
  │ ├─/org/freedesktop/login1/session/_31
  │ └─/org/freedesktop/login1/session/self
  └─/org/freedesktop/login1/user
    ├─/org/freedesktop/login1/user/_1000
    └─/org/freedesktop/login1/user/self

$ busctl introspect org.freedesktop.login1 /org/freedesktop/login1/session/_31
NAME                                TYPE      SIGNATURE RESULT/VALUE                             FLAGS
org.freedesktop.DBus.Introspectable interface -         -                                        -
.Introspect                         method    -         s                                        -
org.freedesktop.DBus.Peer           interface -         -                                        -
.GetMachineId                       method    -         s                                        -
.Ping                               method    -         -                                        -
org.freedesktop.DBus.Properties     interface -         -                                        -
.Get                                method    ss        v                                        -
.GetAll                             method    s         a{sv}                                    -
.Set                                method    ssv       -                                        -
.PropertiesChanged                  signal    sa{sv}as  -                                        -
org.freedesktop.login1.Session      interface -         -                                        -
.Activate                           method    -         -                                        -
.Kill                               method    si        -                                        -
.Lock                               method    -         -                                        -
.PauseDeviceComplete                method    uu        -                                        -
.ReleaseControl                     method    -         -                                        -
.ReleaseDevice                      method    uu        -                                        -
.SetIdleHint                        method    b         -                                        -
.TakeControl                        method    b         -                                        -
.TakeDevice                         method    uu        hb                                       -
.Terminate                          method    -         -                                        -
.Unlock                             method    -         -                                        -
.Active                             property  b         true                                     emits-change
.Audit                              property  u         1                                        const
.Class                              property  s         "user"                                   const
.Desktop                            property  s         ""                                       const
.Display                            property  s         ""                                       const
.Id                                 property  s         "1"                                      const
.IdleHint                           property  b         true                                     emits-change
.IdleSinceHint                      property  t         1434494624206001                         emits-change
.IdleSinceHintMonotonic             property  t         0                                        emits-change
.Leader                             property  u         762                                      const
.Name                               property  s         "lennart"                                const
.Remote                             property  b         false                                    const
.RemoteHost                         property  s         ""                                       const
.RemoteUser                         property  s         ""                                       const
.Scope                              property  s         "session-1.scope"                        const
.Seat                               property  (so)      "seat0" "/org/freedesktop/login1/seat... const
.Service                            property  s         "gdm-autologin"                          const
.State                              property  s         "active"                                 -
.TTY                                property  s         "/dev/tty1"                              const
.Timestamp                          property  t         1434494630344367                         const
.TimestampMonotonic                 property  t         34814579                                 const
.Type                               property  s         "x11"                                    const
.User                               property  (uo)      1000 "/org/freedesktop/login1/user/_1... const
.VTNr                               property  u         1                                        const
.Lock                               signal    -         -                                        -
.PauseDevice                        signal    uus       -                                        -
.ResumeDevice                       signal    uuh       -                                        -
.Unlock                             signal    -         -                                        -

# busctl call org.freedesktop.login1 /org/freedesktop/login1/session/_31 org.freedesktop.login1.Session Lock

# busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager StartUnit ss "cups.service" "replace"
o "/org/freedesktop/systemd1/job/42684"

#include <stdio.h>
#include <stdlib.h>
#include <systemd/sd-bus.h>

int main(int argc, char *argv[]) {
        sd_bus_error error = SD_BUS_ERROR_NULL;
        sd_bus_message *m = NULL;
        sd_bus *bus = NULL;
        const char *path;
        int r;

        /* Connect to the system bus */
        r = sd_bus_open_system(&bus);
        if (r < 0) {
                fprintf(stderr, "Failed to connect to system bus: %s\n", strerror(-r));
                goto finish;
        }

        /* Issue the method call and store the respons message in m */
        r = sd_bus_call_method(bus,
                               "org.freedesktop.systemd1",           /* service to contact */
                               "/org/freedesktop/systemd1",          /* object path */
                               "org.freedesktop.systemd1.Manager",   /* interface name */
                               "StartUnit",                          /* method name */
                               &error,                               /* object to return error in */
                               &m,                                   /* return message on success */
                               "ss",                                 /* input signature */
                               "cups.service",                       /* first argument */
                               "replace");                           /* second argument */
        if (r < 0) {
                fprintf(stderr, "Failed to issue method call: %s\n", error.message);
                goto finish;
        }

        /* Parse the response message */
        r = sd_bus_message_read(m, "o", &path);
        if (r < 0) {
                fprintf(stderr, "Failed to parse response message: %s\n", strerror(-r));
                goto finish;
        }

        printf("Queued service job as %s.\n", path);

finish:
        sd_bus_error_free(&error);
        sd_bus_message_unref(m);
        sd_bus_unref(bus);

        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

$ gcc bus-client.c -o bus-client `pkg-config --cflags --libs libsystemd`

# ./bus-client
Queued service job as /org/freedesktop/systemd1/job/3586.

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <systemd/sd-bus.h>

static int method_multiply(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
        int64_t x, y;
        int r;

        /* Read the parameters */
        r = sd_bus_message_read(m, "xx", &x, &y);
        if (r < 0) {
                fprintf(stderr, "Failed to parse parameters: %s\n", strerror(-r));
                return r;
        }

        /* Reply with the response */
        return sd_bus_reply_method_return(m, "x", x * y);
}

static int method_divide(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
        int64_t x, y;
        int r;

        /* Read the parameters */
        r = sd_bus_message_read(m, "xx", &x, &y);
        if (r < 0) {
                fprintf(stderr, "Failed to parse parameters: %s\n", strerror(-r));
                return r;
        }

        /* Return an error on division by zero */
        if (y == 0) {
                sd_bus_error_set_const(ret_error, "net.poettering.DivisionByZero", "Sorry, can't allow division by zero.");
                return -EINVAL;
        }

        return sd_bus_reply_method_return(m, "x", x / y);
}

/* The vtable of our little object, implements the net.poettering.Calculator interface */
static const sd_bus_vtable calculator_vtable[] = {
        SD_BUS_VTABLE_START(0),
        SD_BUS_METHOD("Multiply", "xx", "x", method_multiply, SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_METHOD("Divide",   "xx", "x", method_divide,   SD_BUS_VTABLE_UNPRIVILEGED),
        SD_BUS_VTABLE_END
};

int main(int argc, char *argv[]) {
        sd_bus_slot *slot = NULL;
        sd_bus *bus = NULL;
        int r;

        /* Connect to the user bus this time */
        r = sd_bus_open_user(&bus);
        if (r < 0) {
                fprintf(stderr, "Failed to connect to system bus: %s\n", strerror(-r));
                goto finish;
        }

        /* Install the object */
        r = sd_bus_add_object_vtable(bus,
                                     &slot,
                                     "/net/poettering/Calculator",  /* object path */
                                     "net.poettering.Calculator",   /* interface name */
                                     calculator_vtable,
                                     NULL);
        if (r < 0) {
                fprintf(stderr, "Failed to issue method call: %s\n", strerror(-r));
                goto finish;
        }

        /* Take a well-known service name so that clients can find us */
        r = sd_bus_request_name(bus, "net.poettering.Calculator", 0);
        if (r < 0) {
                fprintf(stderr, "Failed to acquire service name: %s\n", strerror(-r));
                goto finish;
        }

        for (;;) {
                /* Process requests */
                r = sd_bus_process(bus, NULL);
                if (r < 0) {
                        fprintf(stderr, "Failed to process bus: %s\n", strerror(-r));
                        goto finish;
                }
                if (r > 0) /* we processed a request, try to process another one, right-away */
                        continue;

                /* Wait for the next request to process */
                r = sd_bus_wait(bus, (uint64_t) -1);
                if (r < 0) {
                        fprintf(stderr, "Failed to wait on bus: %s\n", strerror(-r));
                        goto finish;
                }
        }

finish:
        sd_bus_slot_unref(slot);
        sd_bus_unref(bus);

        return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

$ gcc bus-service.c -o bus-service `pkg-config --cflags --libs libsystemd`

$ ./bus-service

$ busctl --user tree net.poettering.Calculator
└─/net/poettering/Calculator

$ busctl --user introspect net.poettering.Calculator /net/poettering/Calculator
NAME                                TYPE      SIGNATURE RESULT/VALUE FLAGS
net.poettering.Calculator           interface -         -            -
.Divide                             method    xx        x            -
.Multiply                           method    xx        x            -
org.freedesktop.DBus.Introspectable interface -         -            -
.Introspect                         method    -         s            -
org.freedesktop.DBus.Peer           interface -         -            -
.GetMachineId                       method    -         s            -
.Ping                               method    -         -            -
org.freedesktop.DBus.Properties     interface -         -            -
.Get                                method    ss        v            -
.GetAll                             method    s         a{sv}        -
.Set                                method    ssv       -            -
.PropertiesChanged                  signal    sa{sv}as  -            -

$ busctl --user call net.poettering.Calculator /net/poettering/Calculator net.poettering.Calculator Multiply xx 5 7
x 35

$ busctl --user call net.poettering.Calculator /net/poettering/Calculator net.poettering.Calculator Divide xx 99 17
x 5

$ busctl --user call net.poettering.Calculator /net/poettering/Calculator net.poettering.Calculator Divide xx 43 0
Sorry, can't allow division by zero.

/usr
/usr
/usr
/var
/etc
/etc
/var
/usr
/etc
/var
/etc
/var
/usr
/usr
/etc
/var
/etc
/usr
/var
/var
/etc
/etc
/var
/var
/etc
/etc
/var
/var
/var
/var
/var
/etc
/etc
/etc/passwd
/etc/group
/etc
/usr
/etc
/var
/etc/ld.so.cache
/etc/passwd
/etc
systemd-sysusers
/usr/lib/sysusers.d/
/etc/passwd
/etc/group
useradd -r
groupadd -r
/usr
/usr
ConditionNeedsUpdate=
/usr
/etc
/var
/usr
mtime
/usr
/etc
/var
ConditionNeedsUpdate=
systemd-sysusers
/etc/ld.so.cache
/etc
/etc
/etc
/etc/pam.d
/etc/dbus-1
/etc
/usr
/etc
/usr/share/etc
diff
/etc
--tmpfs=
systemd-nspawn
/etc
/var
# system-nspawn -D /srv/mycontainer --read-only --tmpfs=/var --tmpfs=/etc -b
/srv/mycontainer
/var
/etc
systemd-nspawn
--mode={stateful|volatile|stateless}
/etc
/var
/etc
/var
/usr/lib/sysusers.d
/etc
/var
/var
/etc
/usr
/etc
/usr/lib/sysusers.d
/usr
/etc
useradd
sysusers
/usr
/usr
/usr
/etc
/var
/usr
/etc
/var
/usr
/usr
/usr
#systemd
journalctl
configure
cgroupfs
cgroups, fanotify, umount2(),
/proc/self/mountinfo 
, /dev/swaps 
,
udev, netlink, 
 /sys, /proc/$PID/comm,
/proc/$PID/cmdline, /proc/$PID/loginuid, /proc/$PID/stat,
/proc/$PID/session, /proc/$PID/exe, /proc/$PID/fd, tmpfs, devtmpfs,

 prctl()s, 

ioctls, 
 mount() 
, selinux, audit,
inotify, statfs, O_DIRECTORY, O_NOATIME, /proc/$PID/root, waitid(),
SCM_CREDENTIALS, SCM_RIGHTS, mkostemp(), /dev/input, ...
systemctl
loginctl
timedatectl
hostnamectl
localectl
#systemd
/etc/hostname
/usr
--with-rootprefix=
configure
/usr
systemd-detect-virt
systemd-tmpfiles
systemd-udevd
debootstrap
--installroot
-b
/etc/systemd/system/mycontainer.service
[Unit]
Description=My little container

[Service]
ExecStart=/usr/bin/systemd-nspawn -jbD /srv/mycontainer 3
KillMode=process

systemctl
start
systemctl stop
/etc/systemd/system/mycontainer.socket
[Unit]
Description=The SSH socket of my little container

[Socket]
ListenStream=23

systemctl start
/etc/systemd/system/sshd.socket
[Unit]
Description=SSH Socket for Per-Connection Servers

[Socket]
ListenStream=23
Accept=yes
/etc/systemd/system/sshd@.service
[Unit]
Description=SSH Per-Connection Server for %I

[Service]
ExecStart=-/usr/sbin/sshd -i
StandardInput=socket
sshd.socket
sockets.target
ln -s /etc/systemd/system/sshd.socket /etc/systemd/system/sockets.target.wants/
mycontainer.socket
sshd.socket
sshd@.service
mycontainer.socket
-m
journalctl
yum
--releasever=19 --nogpg --installroot=/srv/mycontainer/ --disablerepo='*'
--enablerepo=fedora install systemd passwd yum fedora-release vim-minimal 
debootstrap --arch=amd64 unstable
/srv/mycontainer/
audit=0
ConditionVirtualization
systemd-detect-virt(1)
/sys
/proc
ConditionVirtualization
[Unit]
[Unit]
Name=My Foobar Service (runs only only on guests)
ConditionVirtualization=yes

[Service]
ExecStart=/usr/bin/foobard
yes
no
kvm
vmware
container
vm
systemd-detect-virt(1)
if systemd-detect-virt -q ; then
        echo "Virtualization is used:" `systemd-detect-virt`
else
        echo "No virtualization is used."
fi
-q
-c
-v
$ gdbus call --system --dest org.freedesktop.systemd1 --object-path /org/freedesktop/systemd1 --method org.freedesktop.DBus.Properties.Get org.freedesktop.systemd1.Manager Virtualization
(<'systemd-nspawn'>,)
syslog()
printk()
syslog()
#include <syslog.h>

int main(int argc, char *argv[]) {
        syslog(LOG_NOTICE, "Hello World");
        return 0;
}
journalctl -o json-pretty
{
        "_BOOT_ID" : "5335e9cf5d954633bb99aefc0ec38c25",
        "_TRANSPORT" : "syslog",
        "PRIORITY" : "5",
        "_UID" : "500",
        "_GID" : "500",
        "_AUDIT_SESSION" : "2",
        "_AUDIT_LOGINUID" : "500",
        "_SYSTEMD_CGROUP" : "/user/lennart/2",
        "_SYSTEMD_SESSION" : "2",
        "_SELINUX_CONTEXT" : "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023",
        "_MACHINE_ID" : "a91663387a90b89f185d4e860000001a",
        "_HOSTNAME" : "epsilon",
        "_COMM" : "test-journal-su",
        "_CMDLINE" : "./test-journal-submit",
        "SYSLOG_FACILITY" : "1",
        "_EXE" : "/home/lennart/projects/systemd/test-journal-submit",
        "_PID" : "3068",
        "SYSLOG_IDENTIFIER" : "test-journal-submit",
        "MESSAGE" : "Hello World!",
        "_SOURCE_REALTIME_TIMESTAMP" : "1351126905014938"
}
#include <stdio.h>

int main(int argc, char *argv[]) {
        printf("Hello World\n");
        return 0;
}
printk()
#include <stdio.h>

#define PREFIX_NOTICE "<5>"

int main(int argc, char *argv[]) {
        printf(PREFIX_NOTICE "Hello World\n");
        return 0;
}
printf()
#!/bin/bash

echo "<5>Hellow world"
sd_journal_print(3)
#include <systemd/sd-journal.h>

int main(int argc, char *argv[]) {
        sd_journal_print(LOG_NOTICE, "Hello World");
        return 0;
}
`pkg-config --cflags
--libs libsystemd-journal`
 {
        "_BOOT_ID" : "5335e9cf5d954633bb99aefc0ec38c25",
        "PRIORITY" : "5",
        "_UID" : "500",
        "_GID" : "500",
        "_AUDIT_SESSION" : "2",
        "_AUDIT_LOGINUID" : "500",
        "_SYSTEMD_CGROUP" : "/user/lennart/2",
        "_SYSTEMD_SESSION" : "2",
        "_SELINUX_CONTEXT" : "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023",
        "_MACHINE_ID" : "a91663387a90b89f185d4e860000001a",
        "_HOSTNAME" : "epsilon",
        "CODE_FUNC" : "main",
        "_TRANSPORT" : "journal",
        "_COMM" : "test-journal-su",
        "_CMDLINE" : "./test-journal-submit",
        "CODE_FILE" : "src/journal/test-journal-submit.c",
        "_EXE" : "/home/lennart/projects/systemd/test-journal-submit",
        "MESSAGE" : "Hello World",
        "CODE_LINE" : "4",
        "_PID" : "3516",
        "_SOURCE_REALTIME_TIMESTAMP" : "1351128226954170"
}
sd_journal_print()
sd_journal_send()
#include <systemd/sd-journal.h>
#include <unistd.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {
        sd_journal_send("MESSAGE=Hello World!",
                        "MESSAGE_ID=52fb62f99e2c49d89cfbf9d6de5e3555",
                        "PRIORITY=5",
                        "HOME=%s", getenv("HOME"),
                        "TERM=%s", getenv("TERM"),
                        "PAGE_SIZE=%li", sysconf(_SC_PAGESIZE),
                        "N_CPUS=%li", sysconf(_SC_NPROCESSORS_ONLN),
                        NULL);
        return 0;
}
{
        "__CURSOR" : "s=ac9e9c423355411d87bf0ba1a9b424e8;i=5930;b=5335e9cf5d954633bb99aefc0ec38c25;m=16544f875b;t=4ccd863cdc4f0;x=896defe53cc1a96a",
        "__REALTIME_TIMESTAMP" : "1351129666274544",
        "__MONOTONIC_TIMESTAMP" : "95903778651",
        "_BOOT_ID" : "5335e9cf5d954633bb99aefc0ec38c25",
        "PRIORITY" : "5",
        "_UID" : "500",
        "_GID" : "500",
        "_AUDIT_SESSION" : "2",
        "_AUDIT_LOGINUID" : "500",
        "_SYSTEMD_CGROUP" : "/user/lennart/2",
        "_SYSTEMD_SESSION" : "2",
        "_SELINUX_CONTEXT" : "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023",
        "_MACHINE_ID" : "a91663387a90b89f185d4e860000001a",
        "_HOSTNAME" : "epsilon",
        "CODE_FUNC" : "main",
        "_TRANSPORT" : "journal",
        "_COMM" : "test-journal-su",
        "_CMDLINE" : "./test-journal-submit",
        "CODE_FILE" : "src/journal/test-journal-submit.c",
        "_EXE" : "/home/lennart/projects/systemd/test-journal-submit",
        "MESSAGE" : "Hello World!",
        "_PID" : "4049",
        "CODE_LINE" : "6",
        "MESSAGE_ID" : "52fb62f99e2c49d89cfbf9d6de5e3555",
        "HOME" : "/home/lennart",
        "TERM" : "xterm-256color",
        "PAGE_SIZE" : "4096",
        "N_CPUS" : "4",
        "_SOURCE_REALTIME_TIMESTAMP" : "1351129666241467"
}
sd_journal_send()
sd_journal_print()
MESSAGE=
PRIORITY=
MESSAGE_ID=
journalctl --new-id128
$ journalctl MESSAGE_ID=52fb62f99e2c49d89cfbf9d6de5e3555
-- Logs begin at Thu, 2012-10-18 04:07:03 CEST, end at Thu, 2012-10-25 04:48:21 CEST. --
Oct 25 03:47:46 epsilon test-journal-se[4049]: Hello World!
Oct 25 04:40:36 epsilon test-journal-se[4480]: Hello World!

journalctl
MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1
journalctl
MESSAGE_ID=8d45620c1a4348dbb17410da57c60c66
journalctl
--new-id128
sd_journal_send(3)
from systemd import journal
journal.send('Hello world')
journal.send('Hello, again, world', FIELD2='Greetings!', FIELD3='Guten tag')
/var/log/messages
syslog()
printf()
sd_journal_print()
sd_journal_send()
SyslogLevel=
SyslogLevelPrefix=
cpu
/etc/systemd/system.conf
/etc/systemd/system/httpd.service
/usr/lib/systemd/system/httpd.service
CPUShares=
.include /usr/lib/systemd/system/httpd.service

[Service]
CPUShares=1500
systemctl daemon-reload
systemctl restart httpd.service
CPUShares=
cpu
cpu
DefaultControllers=
cgtop
blkio
memory
memory
blkio
DefaultControllers=
system.conf
MemoryLimit=
MemorySoftLimit=
.include /usr/lib/systemd/system/httpd.service

[Service]
MemoryLimit=1G
CPUShares=
memory
BlockIOWeight=
.include /usr/lib/systemd/system/httpd.service

[Service]
BlockIOWeight=500
.include /usr/lib/systemd/system/httpd.service

[Service]
BlockIOWeight=/dev/disk/by-id/ata-SAMSUNG_MMCRE28G8MXP-0VBL1_DC06K01009SE009B5252 750
.include /usr/lib/systemd/system/httpd.service

[Service]
BlockIOWeight=/home/lennart 750
/home/lennart
BlockIOReadBandwidth=
BlockIOWriteBandwidth=
.include /usr/lib/systemd/system/httpd.service

[Service]
BlockIOReadBandwith=/var/log 5M
/var/log
CPUShares=
MemoryLimit=
blkio
memory.swappiness
ControlGroupAttribute=
.include /usr/lib/systemd/system/httpd.service

[Service]
ControlGroupAttribute=memory.swappiness 70
memory
IOSchedulingClass=
IOSchedulingPriority=
CPUSchedulingPolicy=
CPUSchedulingPriority=
CPUAffinity=
LimitCPU=
systemctl
/run/log/journal
systemctl status
/var/log/journal
# mkdir -p /var/log/journal
/var/log/messages
# yum remove rsyslog
# journalctl
/var/log/messages
less
adm
adm
# usermod -a -G adm lennart
lennart
$ journalctl
tail -f /var/log/messages
$ journalctl -f
journalctl
$ journalctl -b
$ journalctl -b -p err
-b
$ journalctl --since=yesterday
-p err
$ journalctl --since=2012-10-15 --until="2011-10-16 23:59:59"
$ journalctl -u httpd --since=00:00 --until=9:30
/dev/sdc
$ journalctl /dev/sdc
$ journalctl /usr/sbin/vpnc
dhclient
$ journalctl /usr/sbin/vpnc /usr/sbin/dhclient
$ journalctl -o verbose -n
[...]
Tue, 2012-10-23 23:51:38 CEST [s=ac9e9c423355411d87bf0ba1a9b424e8;i=4301;b=5335e9cf5d954633bb99aefc0ec38c25;m=882ee28d2;t=4ccc0f98326e6;x=f21e8b1b0994d7ee]
        PRIORITY=6
        SYSLOG_FACILITY=3
        _MACHINE_ID=a91663387a90b89f185d4e860000001a
        _HOSTNAME=epsilon
        _TRANSPORT=syslog
        SYSLOG_IDENTIFIER=avahi-daemon
        _COMM=avahi-daemon
        _EXE=/usr/sbin/avahi-daemon
        _SYSTEMD_CGROUP=/system/avahi-daemon.service
        _SYSTEMD_UNIT=avahi-daemon.service
        _SELINUX_CONTEXT=system_u:system_r:avahi_t:s0
        _UID=70
        _GID=70
        _CMDLINE=avahi-daemon: registering [epsilon.local]
        MESSAGE=Joining mDNS multicast group on interface wlan0.IPv4 with address 172.31.0.53.
        _BOOT_ID=5335e9cf5d954633bb99aefc0ec38c25
        _PID=27937
        SYSLOG_PID=27937
        _SOURCE_REALTIME_TIMESTAMP=1351029098747042

-n
-o verbose
/var/log/messages
$ journalctl _UID=70
$ journalctl _UID=70 _UID=71
$ journalctl _HOSTNAME=epsilon _COMM=avahi-daemon
avahi-daemon
epsilon
$ journalctl _HOSTNAME=theta _UID=70 + _HOSTNAME=epsilon _COMM=avahi-daemon
theta
epsilon
avahi-daemon
$ journalctl -F _SYSTEMD_UNIT
$ journalctl _SE<TAB>
$ journalctl _SELINUX_CONTEXT=
$ journalctl _SELINUX_CONTEXT=<TAB><TAB>
kernel                                                       system_u:system_r:local_login_t:s0-s0:c0.c1023               system_u:system_r:udev_t:s0-s0:c0.c1023
system_u:system_r:accountsd_t:s0                             system_u:system_r:lvm_t:s0                                   system_u:system_r:virtd_t:s0-s0:c0.c1023
system_u:system_r:avahi_t:s0                                 system_u:system_r:modemmanager_t:s0-s0:c0.c1023              system_u:system_r:vpnc_t:s0
system_u:system_r:bluetooth_t:s0                             system_u:system_r:NetworkManager_t:s0                        system_u:system_r:xdm_t:s0-s0:c0.c1023
system_u:system_r:chkpwd_t:s0-s0:c0.c1023                    system_u:system_r:policykit_t:s0                             unconfined_u:system_r:rpm_t:s0-s0:c0.c1023
system_u:system_r:chronyd_t:s0                               system_u:system_r:rtkit_daemon_t:s0                          unconfined_u:system_r:unconfined_t:s0-s0:c0.c1023
system_u:system_r:crond_t:s0-s0:c0.c1023                     system_u:system_r:syslogd_t:s0                               unconfined_u:system_r:useradd_t:s0-s0:c0.c1023
system_u:system_r:devicekit_disk_t:s0                        system_u:system_r:system_cronjob_t:s0-s0:c0.c1023            unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023
system_u:system_r:dhcpc_t:s0                                 system_u:system_r:system_dbusd_t:s0-s0:c0.c1023              unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
system_u:system_r:dnsmasq_t:s0-s0:c0.c1023                   system_u:system_r:systemd_logind_t:s0
system_u:system_r:init_t:s0                                  system_u:system_r:systemd_tmpfiles_t:s0
$ journalctl _SELINUX_CONTEXT=system_u:system_r:policykit_t:s0
/var/log/messages
console=ttyS0
console=ttyS0
getty@.service
/dev/tty1
serial-getty@.service
/dev/ttyS0
getty@.service
$TERM
vt102
linux
getty@.service
tty1
tty6
getty@tty2.service
getty@tty5.service
ps
tty1
tty6
serial-getty@.service
console=ttyS0
/dev/hvc0
/dev/xvc0
/dev/hvsi0
serial-getty@.service
# systemctl enable serial-getty@ttyS2.service
# systemctl start serial-getty@ttyS2.service
agetty
/etc/systemd/system
# cp /usr/lib/systemd/system/serial-getty@.service /etc/systemd/system/serial-getty@ttyS2.service
# vi /etc/systemd/system/serial-getty@ttyS2.service
 .... now make your changes to the agetty command line ...
# ln -s /etc/systemd/system/serial-getty@ttyS2.service /etc/systemd/system/getty.target.wants/
# systemctl daemon-reload
# systemctl start serial-getty@ttyS2.service
ttyS2
NAutoVTs=
ReserveVT=
/sys/class/tty/console/active
agetty -s
systemctl enable
ln -s /usr/lib/systemd/system/serial-getty@.service
/etc/systemd/system/getty.target.wants/serial-getty@ttyS2.service ; systemctl
daemon-reload
/usr
/dev/watchdog
RuntimeWatchdogSec=
/etc/systemd/system.conf
/dev/watchdog
ShutdownWatchdogSec=
/etc/systemd/system.conf
WATCHDOG_USEC=
sd_notify("WATCHDOG=1")
WatchdogSec=
WATCHDOG_USEC=
Restart=on-failure
StartLimitBurst=
StartLimitInterval=
StartLimitAction=
none
reboot
reboot-force
reboot-immediate
reboot
reboot-force
reboot-immediate
reboot-immediate
[Unit]
Description=My Little Daemon
Documentation=man:mylittled(8)

[Service]
ExecStart=/usr/bin/mylittled
WatchdogSec=30s
Restart=on-failure
StartLimitInterval=5min
StartLimitBurst=4
StartLimitAction=reboot-force

/dev/watchdog
/dev/watchdog
/dev/watchdog
systemctl status
systemd-logind.service
$ systemctl status systemd-logind.service
systemd-logind.service - Login Service
	  Loaded: loaded (/usr/lib/systemd/system/systemd-logind.service; static)
	  Active: active (running) since Mon, 25 Jun 2012 22:39:24 +0200; 1 day and 18h ago
	    Docs: man:systemd-logind.service(7)
	          man:logind.conf(5)
	          http://www.freedesktop.org/wiki/Software/systemd/multiseat
	Main PID: 562 (systemd-logind)
	  CGroup: name=systemd:/system/systemd-logind.service
		  └ 562 /usr/lib/systemd/systemd-logind

Jun 25 22:39:24 epsilon systemd-logind[562]: Watching system buttons on /dev/input/event2 (Power Button)
Jun 25 22:39:24 epsilon systemd-logind[562]: Watching system buttons on /dev/input/event6 (Video Bus)
Jun 25 22:39:24 epsilon systemd-logind[562]: Watching system buttons on /dev/input/event0 (Lid Switch)
Jun 25 22:39:24 epsilon systemd-logind[562]: Watching system buttons on /dev/input/event1 (Sleep Button)
Jun 25 22:39:24 epsilon systemd-logind[562]: Watching system buttons on /dev/input/event7 (ThinkPad Extra Buttons)
Jun 25 22:39:25 epsilon systemd-logind[562]: New session 1 of user gdm.
Jun 25 22:39:25 epsilon systemd-logind[562]: Linked /tmp/.X11-unix/X0 to /run/user/42/X11-display.
Jun 25 22:39:32 epsilon systemd-logind[562]: New session 2 of user lennart.
Jun 25 22:39:32 epsilon systemd-logind[562]: Linked /tmp/.X11-unix/X0 to /run/user/500/X11-display.
Jun 25 22:39:54 epsilon systemd-logind[562]: Removed session 1.

Docs
systemctl status
systemctl status
systemctl
status
systemctl help systemd-logind.service
systemctl status
systemctl
Documentation=
[Unit]
systemctl status
systemctl status
systemd
systemctl
$ systemctl status avahi-daemon.service
avahi-daemon.service - Avahi mDNS/DNS-SD Stack
	  Loaded: loaded (/usr/lib/systemd/system/avahi-daemon.service; enabled)
	  Active: active (running) since Fri, 18 May 2012 12:27:37 +0200; 14s ago
	Main PID: 8216 (avahi-daemon)
	  Status: "avahi-daemon 0.6.30 starting up."
	  CGroup: name=systemd:/system/avahi-daemon.service
		  ├ 8216 avahi-daemon: running [omega.local]
		  └ 8217 avahi-daemon: chroot helper

May 18 12:27:37 omega avahi-daemon[8216]: Joining mDNS multicast group on interface eth1.IPv4 with address 172.31.0.52.
May 18 12:27:37 omega avahi-daemon[8216]: New relevant interface eth1.IPv4 for mDNS.
May 18 12:27:37 omega avahi-daemon[8216]: Network interface enumeration completed.
May 18 12:27:37 omega avahi-daemon[8216]: Registering new address record for 192.168.122.1 on virbr0.IPv4.
May 18 12:27:37 omega avahi-daemon[8216]: Registering new address record for fd00::e269:95ff:fe87:e282 on eth1.*.
May 18 12:27:37 omega avahi-daemon[8216]: Registering new address record for 172.31.0.52 on eth1.IPv4.
May 18 12:27:37 omega avahi-daemon[8216]: Registering HINFO record with values 'X86_64'/'LINUX'.
May 18 12:27:38 omega avahi-daemon[8216]: Server startup complete. Host name is omega.local. Local service cookie is 3555095952.
May 18 12:27:38 omega avahi-daemon[8216]: Service "omega" (/services/ssh.service) successfully established.
May 18 12:27:38 omega avahi-daemon[8216]: Service "omega" (/services/sftp-ssh.service) successfully established.
-f
tail
-f
-n
tail -n
syslog()
/sys/fs/cgroup/systemd/system/
systemctl
git
systemctl
--failed
--ignore-dependencies
systemctl
SIGKILL
SendSIGKILL=
systemd-ui
systemd-tmpfiles
/lib/systemd/system-shutdown/
ConditionVirtualization=
ConditionSecurity=
ConditionCapability=
ConditionFileIsExecutable=
ConditionPathIsMountPoint=
ConditionPathIsReadWrite=
ConditionPathIsSymbolicLink=
/usr
/etc/mtab
/proc/mounts
/sys
/proc/sys
/dev/kmsg
systemd-nspawn
/etc/machine-id
-uuid
/etc/fstab
x-systemd-xyz
LSB:
SYSV:
/run
-H
udev-settle.service
systemd-analyze
binfmt_misc
/etc/binfmt.d
systemctl
chroot()
--root=
OnFailureIsolate=
/proc
IgnoreOnIsolate=
IgnoreOnSnapshot=
plymouth.enable=0
IP_TRANSPARENT
SO_BROADCAST
SO_PASSCRED
SO_PASSSEC
/selinux
/sys/fs/selinux
systemd-logind
ControlGroupModify=
ControlGroupPersistent=
initrd
systemctl
systemctl
systemctl list-unit-files
sysctl
/etc/sysctl.d
PrivateNetwork=
MemoryLimit=
ControlGroupAttribute=
cpu
cpuacct
systemctl status
fsck
[ OK ]
systemd-cgls
systemd-cgtop
systemd.setenv=
systemd-detect-virt
/sys/fs/cgroup/
/sys/fs/cgroup/
/sys/fs/cgroup/systemd/
/etc/systemd/system.conf
DefaultControllers=
/sys/fs/cgroup/
/dev/cgroup/
/sys/fs/cgroup/
/sys/fs/cgroup/
/sys/fs/cgroup/systemd/
DefaultControllers=
JoinControllers=
/etc/systemd/system.conf
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
mkstemp()
mkdtemp()
/tmp
/tmp
/var/tmp
/tmp
/tmp
mkstemp()
mkdtemp()
$TMPDIR
/var/tmp
$TMPDIR
/tmp
/var/tmp
/run
/var/run
$XDG_RUNTIME_DIR
/run
g_get_user_runtime_dir()
$XDG_CACHE_HOME
g_get_user_cache_dir()
$XDG_DOWNLOAD_DIR
g_get_user_special_dir()
/run
/var/run
$XDG_RUNTIME_DIR
$XDG_DOWNLOAD_DIR
$XDG_CACHE_HOME
$TMPDIR
/tmp
mkstemp()
mkdtemp()
$TMPDIR
/var/tmp
mkstemp()
mkdtemp()
/tmp
/var/tmp
/tmp
/var/tmp
mkstemp()
mkdtemp()
tmp-on-tmpfs
ServicesPrivateTmp
fedora-devel
mkstemp()
mkdtemp()
/tmp
/etc/os-release
/etc/os-release
/etc/os-release
lsb_release
lsb_release
/etc/system-release
lsb_release
/etc/bikeshed
/etc/os-release
/etc/fedora-release
/etc/os-release
open()
/etc/os-release
/etc/redhat-release
/etc/SuSE-release
/etc/debian_version
/etc/arch-release
/etc/gentoo-release
/etc/slackware-version
/etc/frugalware-release
/etc/altlinux-release
/etc/mandriva-release
/etc/meego-release
/etc/angstrom-version
/etc/mageia-release
/tmp
/tmp
PrivateTmp=yes
/tmp
PrivateNetwork=
...
[Service]
ExecStart=...
PrivateNetwork=yes
...
PrivateNetwork=yes
getpwnam()
PrivateNetwork=yes
PrivateNetwork=yes
PrivateTmp=
...
[Service]
ExecStart=...
PrivateTmp=yes
...
/tmp
/tmp
/tmp
/tmp
/tmp
/tmp
/run
/tmp
/tmp
PrivateTmp=
/tmp
/tmp
ReadOnlyDirectories=
InaccessibleDirectories=
...
[Service]
ExecStart=...
InaccessibleDirectories=/home
ReadOnlyDirectories=/var
...

/home
/var
ReadOnlyDirectories=
/var
CapabilityBoundingSet=
...
[Service]
ExecStart=...
CapabilityBoundingSet=CAP_CHOWN CAP_KILL
...

...
[Service]
ExecStart=...
CapabilityBoundingSet=~CAP_SYS_PTRACE
...
~
pscap
libcap-ng-utils
CapabilityBoundingSet=
...
[Service]
ExecStart=...
LimitNPROC=1
LimitFSIZE=0
...
CapabilityBoundingSet=
LimitFSIZE=
...
[Service]
ExecStart=...
DeviceAllow=/dev/null rw
...
/dev/null
devices
RootDirectory=
chroot()
User=
Group=
/tmp
/tmp
/run
libabc
Subject: A Plumber’s Wish List for Linux

We’d like to share our current wish list of plumbing layer features we
are hoping to see implemented in the near future in the Linux kernel and
associated tools. Some items we can implement on our own, others are not
our area of expertise, and we will need help getting them implemented.

Acknowledging that this wish list of ours only gets longer and not
shorter, even though we have implemented a number of other features on
our own in the previous years, we are posting this list here, in the
hope to find some help.

If you happen to be interested in working on something from this list or
able to help out, we’d be delighted. Please ping us in case you need
clarifications or more information on specific items.

Thanks,
Kay, Lennart, Harald, in the name of all the other plumbers

An here’s the wish list, in no particular order:

* (ioctl based?) interface to query and modify the label of a mounted
FAT volume:
A FAT labels is implemented as a hidden directory entry in the file
system which need to be renamed when changing the file system label,
this is impossible to do from userspace without unmounting. Hence we’d
like to see a kernel interface that is available on the mounted file
system mount point itself. Of course, bonus points if this new interface
can be implemented for other file systems as well, and also covers fs
UUIDs in addition to labels.

* CPU modaliases in /sys/devices/system/cpu/cpuX/modalias:
useful to allow module auto-loading of e.g. cpufreq drivers and KVM
modules. Andy Kleen has a patch to create the alias file itself. CPU
‘struct sysdev’ needs to be converted to ‘struct device’ and a ‘struct
bus_type cpu’ needs to be introduced to allow proper CPU coldplug event
replay at bootup. This is one of the last remaining places where
automatic hardware-triggered module auto-loading is not available. And
we’d like to see that fix to make numerous ugly userspace work-arounds
to achieve the same go away.

* expose CAP_LAST_CAP somehow in the running kernel at runtime:
Userspace needs to know the highest valid capability of the running
kernel, which right now cannot reliably be retrieved from header files
only. The fact that this value cannot be detected properly right now
creates various problems for libraries compiled on newer header files
which are run on older kernels. They assume capabilities are available
which actually aren’t. Specifically, libcap-ng claims that all running
processes retain the higher capabilities in this case due to the
“inverted” semantics of CapBnd in /proc/$PID/status.

* export ‘struct device_type fb/fbcon’ of ‘struct class graphics’
Userspace wants to easily distinguish ‘fb’ and ‘fbcon’ from each other
without the need to match on the device name.

* allow changing argv[] of a process without mucking with environ[]:
Something like setproctitle() or a prctl() would be ideal. Of course it
is questionable if services like sendmail make use of this, but otoh for
services which fork but do not immediately exec() another binary being
able to rename this child processes in ps is of importance.

* module-init-tools: provide a proper libmodprobe.so from
module-init-tools:
Early boot tools, installers, driver install disks want to access
information about available modules to optimize bootup handling.

* fork throttling mechanism as basic cgroup functionality that is
available in all hierarchies independent of the controllers used:
This is important to implement race-free killing of all members of a
cgroup, so that cgroup member processes cannot fork faster then a cgroup
supervisor process could kill them. This needs to be recursive, so that
not only a cgroup but all its subgroups are covered as well.

* proper cgroup-is-empty notification interface:
The current call_usermodehelper() interface is an unefficient and an
ugly hack. Tools would prefer anything more lightweight like a netlink,
poll() or fanotify interface.

* allow user xattrs to be set on files in the cgroupfs (and maybe
procfs?)

* simple, reliable and future-proof way to detect whether a specific pid
is running in a CLONE_NEWPID container, i.e. not in the root PID
namespace. Currently, there are available a few ugly hacks to detect
this (for example a process wanting to know whether it is running in a
PID namespace could just look for a PID 2 being around and named
kthreadd which is a kernel thread only visible in the root namespace),
however all these solutions encode information and expectations that
better shouldn’t be encoded in a namespace test like this. This
functionality is needed in particular since the removal of the the ns
cgroup controller which provided the namespace membership information to
user code.

* allow making use of the “cpu” cgroup controller by default without
breaking RT. Right now creating a cgroup in the “cpu” hierarchy that
shall be able to take advantage of RT is impossible for the generic case
since it needs an RT budget configured which is from a limited resource
pool. What we want is the ability to create cgroups in “cpu” whose
processes get an non-RT weight applied, but for RT take advantage of the
parent’s RT budget. We want the separation of RT and non-RT budget
assignment in the “cpu” hierarchy, because right now, you lose RT
functionality in it unless you assign an RT budget. This issue severely
limits the usefulness of “cpu” hierarchy on general purpose systems
right now.

* Add a timerslack cgroup controller, to allow increasing the timer
slack of user session cgroups when the machine is idle.

* An auxiliary meta data message for AF_UNIX called SCM_CGROUPS (or
something like that), i.e. a way to attach sender cgroup membership to
messages sent via AF_UNIX. This is useful in case services such as
syslog shall be shared among various containers (or service cgroups),
and the syslog implementation needs to be able to distinguish the
sending cgroup in order to separate the logs on disk. Of course stm
SCM_CREDENTIALS can be used to look up the PID of the sender followed by
a check in /proc/$PID/cgroup, but that is necessarily racy, and actually
a very real race in real life.

* SCM_COMM, with a similar use case as SCM_CGROUPS. This auxiliary
control message should carry the process name as available
in /proc/$PID/comm.
ssh stream tcp nowait root /usr/sbin/sshd sshd -i
service ssh {
        socket_type = stream
        protocol = tcp
        wait = no
        user = root
        server = /usr/sbin/sshd
        server_args = -i
}
/etc/services
/etc/services
nowait
wait=no
wait
nowait
-i
sshd.socket
[Unit]
Description=SSH Socket for Per-Connection Servers

[Socket]
ListenStream=22
Accept=yes

[Install]
WantedBy=sockets.target

Accept=yes
nowait
nowait
accept()
wait
WantedBy=sockets.target
sshd@.service
[Unit]
Description=SSH Per-Connection Server

[Service]
ExecStart=-/usr/sbin/sshd -i
StandardInput=socket

StandardInput=socket
StandardInput=
socket
StandardOutput=
StandardInput=
systemctl reset-failed
sshd@.service
sshd@.service
/etc/systemd/system
# systemctl enable sshd.socket
ln -s '/etc/systemd/system/sshd.socket' '/etc/systemd/system/sockets.target.wants/sshd.socket'
# systemctl start sshd.socket
# systemctl status sshd.socket
sshd.socket - SSH Socket for Per-Connection Servers
	  Loaded: loaded (/etc/systemd/system/sshd.socket; enabled)
	  Active: active (listening) since Mon, 26 Sep 2011 20:24:31 +0200; 14s ago
	Accepted: 0; Connected: 0
	  CGroup: name=systemd:/system/sshd.socket

Accepted:
Connected:
$ systemctl --full | grep ssh
sshd@172.31.0.52:22-172.31.0.4:47779.service  loaded active running       SSH Per-Connection Server
sshd@172.31.0.52:22-172.31.0.54:52985.service loaded active running       SSH Per-Connection Server
sshd.socket                                   loaded active listening     SSH Socket for Per-Connection Servers

# systemctl kill sshd@172.31.0.52:22-172.31.0.4:47779.service
echo
time
daytime
discard
xinetd
xinetd
systemd
tty1
tty6
foobar.service
.service
/etc/systemd/system
/lib/systemd/system
foobar@quux.service
serial-getty@ttyS2.service
ttyS2
systemctl start
# systemctl start serial-getty@ttyUSB0.service
serial-getty@ttyUSB0.service
serial-getty@.service
/lib/systemd/system/serial-getty@.service
[Unit]
Description=Serial Getty on %I
BindTo=dev-%i.device
After=dev-%i.device systemd-user-sessions.service

[Service]
ExecStart=-/sbin/agetty -s %I 115200,38400,9600
Restart=always
RestartSec=0

%I
%i
%I
%i
serial-getty@ttyUSB0.service
%I
%i
ttyUSB0
systemctl status
serial-getty@ttyUSB0.service
$ systemctl status serial-getty@ttyUSB0.service
serial-getty@ttyUSB0.service - Getty on ttyUSB0
	  Loaded: loaded (/lib/systemd/system/serial-getty@.service; static)
	  Active: active (running) since Mon, 26 Sep 2011 04:20:44 +0200; 2s ago
	Main PID: 5443 (agetty)
	  CGroup: name=systemd:/system/getty@.service/ttyUSB0
		  └ 5443 /sbin/agetty -s ttyUSB0 115200,38400,9600

.wants/
ttyUSB0
# ln -s /lib/systemd/system/serial-getty@.service /etc/systemd/system/getty.target.wants/serial-getty@ttyUSB0.service
systemctl start
serial-getty@.service
/etc/systemd/system
%i
%I
%i
%I
ttyUSB0
/
serial/by-path/pci-0000:00:1d.0-usb-0:1.4:1.1-port0
serial-by\x2dpath-pci\x2d0000:00:1d.0\x2dusb\x2d0:1.4:1.1\x2dport0
%I
%i
%i
%I
# systemctl start 'serial-getty@serial-by\x2dpath-pci\x2d0000:00:1d.0\x2dusb\x2d0:1.4:1.1\x2dport0.service'
# systemctl status 'serial-getty@serial-by\x2dpath-pci\x2d0000:00:1d.0\x2dusb\x2d0:1.4:1.1\x2dport0.service'
serial-getty@serial-by\x2dpath-pci\x2d0000:00:1d.0\x2dusb\x2d0:1.4:1.1\x2dport0.service - Serial Getty on serial/by-path/pci-0000:00:1d.0-usb-0:1.4:1.1-port0
	  Loaded: loaded (/lib/systemd/system/serial-getty@.service; static)
	  Active: active (running) since Mon, 26 Sep 2011 05:08:52 +0200; 1s ago
	Main PID: 5788 (agetty)
	  CGroup: name=systemd:/system/serial-getty@.service/serial-by\x2dpath-pci\x2d0000:00:1d.0\x2dusb\x2d0:1.4:1.1\x2dport0
		  └ 5788 /sbin/agetty -s serial/by-path/pci-0000:00:1d.0-usb-0:1.4:1.1-port0 115200 38400 9600

%i
%I
inetd
StandardOutput=syslog
StandardOutput=null
/etc/sysconfig/
/etc/default
/etc/sysconfig
/etc/default
/etc/sysconfig
/etc/rc.d/init.d
/etc/
/etc/sysconfig
/etc/default
/lib/systemd/system
/etc/systemd/system
/etc/sysconfig
/etc/sysconfig
/etc/sysconfig
-f
/etc/sysconfig
/etc/sysconfig
/etc/adjtime
/etc/sysconfig
systemctl enable
chkconfig on
/etc/load-modules.d
sysconfig
sysconfig
sysconfig
EnvironmentFile=-/etc/sysconfig/foobar
/usr/lib/<your package>/
exec
ExecStart=
git-svn
git svn clone http://svn.easysw.com/public/cups/trunk/ cups
git grep
launchd_checkin()
launchd_checkout()
launchd_checkin()
systemd_checkin()
launchd_checkin()
systemd_checkin()
sd_listen_fds()
sd-daemon.c
sd_is_socket()
launchd_checkin()
sd_listen_fds()
sd_is_socket()
Makefile
/etc/systemd/system
systemctl daemon-reload
systemctl start cups.socket
lpq
lpq
systemctl status cups.service
lpq
systemd
SYSTEMD_WANTS=
SUBSYSTEM=="printer", TAG+="systemd", ENV{SYSTEMD_WANTS}="printer.target"
SUBSYSTEM=="usb", KERNEL=="lp*", TAG+="systemd", ENV{SYSTEMD_WANTS}="printer.target"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", TAG+="systemd", ENV{SYSTEMD_WANTS}="printer.target"
printer.target
printer.target
WantedBy=printer.target

[Install]
Wants
printer.target
cups.service
systemctl
enable
printer.target
systemctl enable
systemctl disable
cups.path
/var/spool/cups
ln -s
/lib/systemd/system/cups.service
/etc/systemd/system/multi-user.target.wants/
[Install]
cups.service
systemctl enable
cups.service
systemctl disable cups.service
WantedBy=multi-user.target
Also=
cups.path
cups.socket
cups.service
[Install]
git format-patch -1
#systemd
#systemd
irc.freenode.org
So, please consider submitting something if you haven't done so yet. We
are looking for all kinds of technical talks covering everything audio
plumbing related: audio drivers, audio APIs, sound servers, pro audio,
consumer audio. If you can propose something audio related -- like talks
on media controller routing, on audio for ASOC/Embedded, submit
something! If you care for low-latency audio, submit something. If you
care about the Linux audio stack in general, submit something.

LPC is probably the most relevant technical conference on the general
Linux platform, so be sure that if you want your project, your work,
your ideas to be heard then this is the right forum for everything
related to the Linux stack. And the Audio track covers everything in our
Audio Stack, regardless whether it is pro or consumer audio.

So, please consider submitting something if you haven't done so yet. We
are looking for all kinds of technical talks covering everything from
the BIOS (i.e. CoreBoot and friends), over boot loaders (i.e. GRUB and
friends), to initramfs (i.e. Dracut and friends) and init systems
(i.e. systemd and friends). If you have something smart to say about any
of these areas or maybe about related tools (i.e. you wrote a fancy new
tool to measure boot performance) or fancy boot schemes in your
favourite Linux based OS (i.e. the new Meego zero second boot ;-)) then
don't hesitate to submit something on the LPC web site, in the Boot&Init
track!
poll()
select()
wait
nowait
/dev/log
/run/dbus/system_bus_socket
/dev/log
/dev/log
/proc/kmsg
/dev/input/*
foobard
/* Source Code Example #1: ORIGINAL, NOT SOCKET-ACTIVATABLE SERVICE */
...
union {
        struct sockaddr sa;
        struct sockaddr_un un;
} sa;
int fd;

fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd < 0) {
        fprintf(stderr, "socket(): %m\n");
        exit(1);
}

memset(&sa, 0, sizeof(sa));
sa.un.sun_family = AF_UNIX;
strncpy(sa.un.sun_path, "/run/foobar.sk", sizeof(sa.un.sun_path));

if (bind(fd, &sa.sa, sizeof(sa)) < 0) {
        fprintf(stderr, "bind(): %m\n");
        exit(1);
}

if (listen(fd, SOMAXCONN) < 0) {
        fprintf(stderr, "listen(): %m\n");
        exit(1);
}
...

/* Source Code Example #2: UPDATED, SOCKET-ACTIVATABLE SERVICE */
...
#include "sd-daemon.h"
...
int fd;

if (sd_listen_fds(0) != 1) {
        fprintf(stderr, "No or too many file descriptors received.\n");
        exit(1);
}

fd = SD_LISTEN_FDS_START + 0;
...

/* Source Code Example #3: UPDATED, SOCKET-ACTIVATABLE SERVICE WITH COMPATIBILITY */
...
#include "sd-daemon.h"
...
int fd, n;

n = sd_listen_fds(0);
if (n > 1) {
        fprintf(stderr, "Too many file descriptors received.\n");
        exit(1);
} else if (n == 1)
        fd = SD_LISTEN_FDS_START + 0;
else {
        union {
                struct sockaddr sa;
                struct sockaddr_un un;
        } sa;

        fd = socket(AF_UNIX, SOCK_STREAM, 0);
        if (fd < 0) {
                fprintf(stderr, "socket(): %m\n");
                exit(1);
        }

        memset(&sa, 0, sizeof(sa));
        sa.un.sun_family = AF_UNIX;
        strncpy(sa.un.sun_path, "/run/foobar.sk", sizeof(sa.un.sun_path));

        if (bind(fd, &sa.sa, sizeof(sa)) < 0) {
                fprintf(stderr, "bind(): %m\n");
                exit(1);
        }

        if (listen(fd, SOMAXCONN) < 0) {
                fprintf(stderr, "listen(): %m\n");
                exit(1);
        }
}
...

foobar.socket
[Socket]
ListenStream=/run/foobar.sk

[Install]
WantedBy=sockets.target

foobar.service
[Service]
ExecStart=/usr/bin/foobard

/etc/systemd/system
# systemctl enable foobar.socket
# systemctl start foobar.socket
/run/foobar.sk
foobar.service
[Service]
ExecStart=/usr/bin/foobard

[Install]
WantedBy=multi-user.target

# systemctl enable foobar.service
# systemctl start foobar.service
sd_listen_fds()
sd-daemon.c
sd-daemon.c
sd_listen_fds()
sd_is_socket()
#systemd
/proc/sys
/run
/dev
/etc/fstab
utmp
/etc
/etc/fstab
/etc/crypttab
/etc/sysctl.conf
#ifdef
/etc/hostname
/etc/sysconfig/network
/etc/HOSTNAME
/etc/hostname
/etc/vconsole.conf
/etc/locale.conf
/etc/modules-load.d/*.conf
/etc/sysctl.d/*.conf
/etc/sysctl.conf
/etc/tmpfiles.d/*.conf
/etc/binfmt.d/*.conf
/etc/os-release
/etc/fedora-release
/etc/machine-id
/etc/machine-info
/etc/favicon.png
/etc/binfmt.d/
/run
/var/run
/etc/tmpfiles.d
/etc/vconsole.conf
/etc/bikeshed.conf
systemd[1]: Startup finished in 2s 65ms 924us (kernel) + 2s 828ms 195us (initrd) + 11s 900ms 471us (userspace) = 16s 794ms 590us.
systemd-analyze blame
$ systemd-analyze blame
  6207ms udev-settle.service
  5228ms cryptsetup@luks\x2d9899b85d\x2df790\x2d4d2a\x2da650\x2d8b7d2fb92cc3.service
   735ms NetworkManager.service
   642ms avahi-daemon.service
   600ms abrtd.service
   517ms rtkit-daemon.service
   478ms fedora-storage-init.service
   396ms dbus.service
   390ms rpcidmapd.service
   346ms systemd-tmpfiles-setup.service
   322ms fedora-sysinit-unhack.service
   316ms cups.service
   310ms console-kit-log-system-start.service
   309ms libvirtd.service
   303ms rpcbind.service
   298ms ksmtuned.service
   288ms lvm2-monitor.service
   281ms rpcgssd.service
   277ms sshd.service
   276ms livesys.service
   267ms iscsid.service
   236ms mdmonitor.service
   234ms nfslock.service
   223ms ksm.service
   218ms mcelog.service
...
udev-settle.service
cryptsetup@luks\x2d9899b85d\x2df790\x2d4d2a\x2da650\x2d8b7d2fb92cc3.service
udev-settle.service
udev-settle.service
udev-settle.service
udev-settle.service
# ln -s /dev/null /etc/systemd/system/udev-settle.service
# ln -s /dev/null /etc/systemd/system/fedora-wait-storage.service
# ln -s /dev/null /etc/systemd/system/fedora-storage-init.service
# systemctl daemon-reload
/home
noauto
/home
/var
comment=systemd.automount
/etc/fstab
/home
/etc/fstab
systemd[1]: Startup finished in 2s 47ms 112us (kernel) + 2s 663ms 942us (initrd) + 5s 540ms 522us (userspace) = 10s 251ms 576us.
systemd-analyze blame
systemd-analyize plot
$ systemd-analyze plot > plot.svg
$ eog plot.svg
systemd-analyze plot
systemd-analyze blame
systemd-analyze plot
udev-settle.service
systemd-analyze
--iter-time
chroot()
chroot()
chroot()
/proc
/sys
chroot(1)
/sbin/service
/run/systemd
ls -l
/proc/*/root
RootDirectory=
[Unit]
Description=A chroot()ed Service

[Service]
RootDirectory=/srv/chroot/foobar
ExecStartPre=/usr/local/bin/setup-foobar-chroot.sh
ExecStart=/usr/bin/foobard
RootDirectoryStartOnly=yes
RootDirectory=
ExecStart=
ExecStart=
/srv/chroot/foobar/usr/bin/foobard
setup-foobar-chroot.sh
/proc
RootDirectoryStartOnly=
ExecStart=
ExecStartPre=
/etc/systemd/system/foobar.service
systemctl start
foobar.service
systemctl
status foobar.service
chroot()
chroot()
ReadOnlyDirectories=
InaccessibleDirectories=
[Unit]
Description=A Service With No Access to /home

[Service]
ExecStart=/usr/bin/foobard
InaccessibleDirectories=/home
chroot()
chroot()
systemctl
systemctl enable
systemctl
disable
systemctl
restart
systemd-nspawn
/proc
/sys
# yum install debootstrap
# debootstrap --arch=amd64 unstable debian-tree/
# systemd-nspawn -D debian-tree/
# systemd-nspawn -D debian-tree/ /sbin/init
/sys
/proc/sys
systemd-nspawn
/proc
/sys
systemd-nspawn
systemd-nspawn
systemd-nspawn
ReadOnlyDirectories=
InaccessibleDirectories=
RootDirectory=
systemd-nspawn
$ systemctl stop ntpd.service
$ service ntpd stop
$ systemctl disable ntpd.service
$ chkconfig ntpd off
$ systemctl disable ntpd.service
$ systemctl stop ntpd.service
$ ln -s /dev/null /etc/systemd/system/ntpd.service
$ systemctl daemon-reload
/dev/null
/etc/systemd/system
/lib/systemd/system
/etc/systemd/system/ntpd.service
/lib/systemd/system/ntpd.service
/dev/null
systemctl start
exit 0
systemctl start
systemctl stop
systemctl enable
systemctl disable
rm
ln
killall rsyslogd
.pid
kill `cat
/var/run/syslogd.pid`
systemctl kill
# systemctl kill crond.service
# systemctl kill -s SIGKILL crond.service
# systemctl kill -s HUP --kill-who=main crond.service
systemctl stop
kill
stop
ExecStop=
stop
kill
/etc/init.d/rc.sysinit
systemctl --force
poweroff
--force
--force
/sbin/reboot -f
/dev/log
systemctl kill
/etc/crypttab
systemctl start
/lib/systemd/system-generators
/tmp
tmpfiles
/var/run
/var/lock
/tmp
/etc/systemd/system
/dev/null
systemctl disable
systemctl
initscripts
/dev/console
/dev/tty0
/etc/rc.d/init.d/
start
stop
restart
$syslog
$local_fs
/usr/sbin/abrtd
[Unit]
Description=Daemon to detect crashing apps
After=syslog.target

[Service]
ExecStart=/usr/sbin/abrtd
Type=forking

[Install]
WantedBy=multi-user.target
[Unit]
[Unit]
After=
syslog.target
After=
[Service]
ExecStart=
Type=
forking
[Install]
multi-user.target
WantedBy=
systemctl enable
multi-user.target
/etc/systemd/system/abrtd.service
systemctl
daemon-reload
systemctl start
abrtd.service
systemctl status
abrtd.service
systemctl stop
abrtd.service
systemctl enable
abrtd.service
[Unit]
Description=ABRT Automated Bug Reporting Tool
After=syslog.target

[Service]
Type=dbus
BusName=com.redhat.abrt
ExecStart=/usr/sbin/abrtd -d -s

[Install]
WantedBy=multi-user.target
dbus
dbus
-d -s
com.redhat.abrt
Restart=restart-always
OOMScoreAdjust=-500
CPUSchedulingPolicy=idle
After=syslog.target
graphical.target
multi-user.target
ps
ps xaf
PR_SETNAME
argv[0]
ps
$ ps xawf -eo pid,user,cgroup,args
  PID USER     CGROUP                              COMMAND
    2 root     -                                   [kthreadd]
    3 root     -                                    \_ [ksoftirqd/0]
[...]
 4281 root     -                                    \_ [flush-8:0]
    1 root     name=systemd:/systemd-1             /sbin/init
  455 root     name=systemd:/systemd-1/sysinit.service /sbin/udevd -d
28188 root     name=systemd:/systemd-1/sysinit.service  \_ /sbin/udevd -d
28191 root     name=systemd:/systemd-1/sysinit.service  \_ /sbin/udevd -d
 1096 dbus     name=systemd:/systemd-1/dbus.service /bin/dbus-daemon --system --address=systemd: --nofork --systemd-activation
 1131 root     name=systemd:/systemd-1/auditd.service auditd
 1133 root     name=systemd:/systemd-1/auditd.service  \_ /sbin/audispd
 1135 root     name=systemd:/systemd-1/auditd.service      \_ /usr/sbin/sedispatch
 1171 root     name=systemd:/systemd-1/NetworkManager.service /usr/sbin/NetworkManager --no-daemon
 4028 root     name=systemd:/systemd-1/NetworkManager.service  \_ /sbin/dhclient -d -4 -sf /usr/libexec/nm-dhcp-client.action -pf /var/run/dhclient-wlan0.pid -lf /var/lib/dhclient/dhclient-7d32a784-ede9-4cf6-9ee3-60edc0bce5ff-wlan0.lease -
 1175 avahi    name=systemd:/systemd-1/avahi-daemon.service avahi-daemon: running [epsilon.local]
 1194 avahi    name=systemd:/systemd-1/avahi-daemon.service  \_ avahi-daemon: chroot helper
 1193 root     name=systemd:/systemd-1/rsyslog.service /sbin/rsyslogd -c 4
 1195 root     name=systemd:/systemd-1/cups.service cupsd -C /etc/cups/cupsd.conf
 1207 root     name=systemd:/systemd-1/mdmonitor.service mdadm --monitor --scan -f --pid-file=/var/run/mdadm/mdadm.pid
 1210 root     name=systemd:/systemd-1/irqbalance.service irqbalance
 1216 root     name=systemd:/systemd-1/dbus.service /usr/sbin/modem-manager
 1219 root     name=systemd:/systemd-1/dbus.service /usr/libexec/polkit-1/polkitd
 1242 root     name=systemd:/systemd-1/dbus.service /usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -B -u -f /var/log/wpa_supplicant.log -P /var/run/wpa_supplicant.pid
 1249 68       name=systemd:/systemd-1/haldaemon.service hald
 1250 root     name=systemd:/systemd-1/haldaemon.service  \_ hald-runner
 1273 root     name=systemd:/systemd-1/haldaemon.service      \_ hald-addon-input: Listening on /dev/input/event3 /dev/input/event9 /dev/input/event1 /dev/input/event7 /dev/input/event2 /dev/input/event0 /dev/input/event8
 1275 root     name=systemd:/systemd-1/haldaemon.service      \_ /usr/libexec/hald-addon-rfkill-killswitch
 1284 root     name=systemd:/systemd-1/haldaemon.service      \_ /usr/libexec/hald-addon-leds
 1285 root     name=systemd:/systemd-1/haldaemon.service      \_ /usr/libexec/hald-addon-generic-backlight
 1287 68       name=systemd:/systemd-1/haldaemon.service      \_ /usr/libexec/hald-addon-acpi
 1317 root     name=systemd:/systemd-1/abrtd.service /usr/sbin/abrtd -d -s
 1332 root     name=systemd:/systemd-1/getty@.service/tty2 /sbin/mingetty tty2
 1339 root     name=systemd:/systemd-1/getty@.service/tty3 /sbin/mingetty tty3
 1342 root     name=systemd:/systemd-1/getty@.service/tty5 /sbin/mingetty tty5
 1343 root     name=systemd:/systemd-1/getty@.service/tty4 /sbin/mingetty tty4
 1344 root     name=systemd:/systemd-1/crond.service crond
 1346 root     name=systemd:/systemd-1/getty@.service/tty6 /sbin/mingetty tty6
 1362 root     name=systemd:/systemd-1/sshd.service /usr/sbin/sshd
 1376 root     name=systemd:/systemd-1/prefdm.service /usr/sbin/gdm-binary -nodaemon
 1391 root     name=systemd:/systemd-1/prefdm.service  \_ /usr/libexec/gdm-simple-slave --display-id /org/gnome/DisplayManager/Display1 --force-active-vt
 1394 root     name=systemd:/systemd-1/prefdm.service      \_ /usr/bin/Xorg :0 -nr -verbose -auth /var/run/gdm/auth-for-gdm-f2KUOh/database -nolisten tcp vt1
 1495 root     name=systemd:/user/lennart/1             \_ pam: gdm-password
 1521 lennart  name=systemd:/user/lennart/1                 \_ gnome-session
 1621 lennart  name=systemd:/user/lennart/1                     \_ metacity
 1635 lennart  name=systemd:/user/lennart/1                     \_ gnome-panel
 1638 lennart  name=systemd:/user/lennart/1                     \_ nautilus
 1640 lennart  name=systemd:/user/lennart/1                     \_ /usr/libexec/polkit-gnome-authentication-agent-1
 1641 lennart  name=systemd:/user/lennart/1                     \_ /usr/bin/seapplet
 1644 lennart  name=systemd:/user/lennart/1                     \_ gnome-volume-control-applet
 1646 lennart  name=systemd:/user/lennart/1                     \_ /usr/sbin/restorecond -u
 1652 lennart  name=systemd:/user/lennart/1                     \_ /usr/bin/devilspie
 1662 lennart  name=systemd:/user/lennart/1                     \_ nm-applet --sm-disable
 1664 lennart  name=systemd:/user/lennart/1                     \_ gnome-power-manager
 1665 lennart  name=systemd:/user/lennart/1                     \_ /usr/libexec/gdu-notification-daemon
 1670 lennart  name=systemd:/user/lennart/1                     \_ /usr/libexec/evolution/2.32/evolution-alarm-notify
 1672 lennart  name=systemd:/user/lennart/1                     \_ /usr/bin/python /usr/share/system-config-printer/applet.py
 1674 lennart  name=systemd:/user/lennart/1                     \_ /usr/lib64/deja-dup/deja-dup-monitor
 1675 lennart  name=systemd:/user/lennart/1                     \_ abrt-applet
 1677 lennart  name=systemd:/user/lennart/1                     \_ bluetooth-applet
 1678 lennart  name=systemd:/user/lennart/1                     \_ gpk-update-icon
 1408 root     name=systemd:/systemd-1/console-kit-daemon.service /usr/sbin/console-kit-daemon --no-daemon
 1419 gdm      name=systemd:/systemd-1/prefdm.service /usr/bin/dbus-launch --exit-with-session
 1453 root     name=systemd:/systemd-1/dbus.service /usr/libexec/upowerd
 1473 rtkit    name=systemd:/systemd-1/rtkit-daemon.service /usr/libexec/rtkit-daemon
 1496 root     name=systemd:/systemd-1/accounts-daemon.service /usr/libexec/accounts-daemon
 1499 root     name=systemd:/systemd-1/systemd-logger.service /lib/systemd/systemd-logger
 1511 lennart  name=systemd:/systemd-1/prefdm.service /usr/bin/gnome-keyring-daemon --daemonize --login
 1534 lennart  name=systemd:/user/lennart/1        dbus-launch --sh-syntax --exit-with-session
 1535 lennart  name=systemd:/user/lennart/1        /bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
 1603 lennart  name=systemd:/user/lennart/1        /usr/libexec/gconfd-2
 1612 lennart  name=systemd:/user/lennart/1        /usr/libexec/gnome-settings-daemon
 1615 lennart  name=systemd:/user/lennart/1        /usr/libexec/gvfsd
 1626 lennart  name=systemd:/user/lennart/1        /usr/libexec//gvfs-fuse-daemon /home/lennart/.gvfs
 1634 lennart  name=systemd:/user/lennart/1        /usr/bin/pulseaudio --start --log-target=syslog
 1649 lennart  name=systemd:/user/lennart/1         \_ /usr/libexec/pulse/gconf-helper
 1645 lennart  name=systemd:/user/lennart/1        /usr/libexec/bonobo-activation-server --ac-activate --ior-output-fd=24
 1668 lennart  name=systemd:/user/lennart/1        /usr/libexec/im-settings-daemon
 1701 lennart  name=systemd:/user/lennart/1        /usr/libexec/gvfs-gdu-volume-monitor
 1707 lennart  name=systemd:/user/lennart/1        /usr/bin/gnote --panel-applet --oaf-activate-iid=OAFIID:GnoteApplet_Factory --oaf-ior-fd=22
 1725 lennart  name=systemd:/user/lennart/1        /usr/libexec/clock-applet
 1727 lennart  name=systemd:/user/lennart/1        /usr/libexec/wnck-applet
 1729 lennart  name=systemd:/user/lennart/1        /usr/libexec/notification-area-applet
 1733 root     name=systemd:/systemd-1/dbus.service /usr/libexec/udisks-daemon
 1747 root     name=systemd:/systemd-1/dbus.service  \_ udisks-daemon: polling /dev/sr0
 1759 lennart  name=systemd:/user/lennart/1        gnome-screensaver
 1780 lennart  name=systemd:/user/lennart/1        /usr/libexec/gvfsd-trash --spawner :1.9 /org/gtk/gvfs/exec_spaw/0
 1864 lennart  name=systemd:/user/lennart/1        /usr/libexec/gvfs-afc-volume-monitor
 1874 lennart  name=systemd:/user/lennart/1        /usr/libexec/gconf-im-settings-daemon
 1903 lennart  name=systemd:/user/lennart/1        /usr/libexec/gvfsd-burn --spawner :1.9 /org/gtk/gvfs/exec_spaw/1
 1909 lennart  name=systemd:/user/lennart/1        gnome-terminal
 1913 lennart  name=systemd:/user/lennart/1         \_ gnome-pty-helper
 1914 lennart  name=systemd:/user/lennart/1         \_ bash
29231 lennart  name=systemd:/user/lennart/1         |   \_ ssh tango
 2221 lennart  name=systemd:/user/lennart/1         \_ bash
 4193 lennart  name=systemd:/user/lennart/1         |   \_ ssh tango
 2461 lennart  name=systemd:/user/lennart/1         \_ bash
29219 lennart  name=systemd:/user/lennart/1         |   \_ emacs systemd-for-admins-1.txt
15113 lennart  name=systemd:/user/lennart/1         \_ bash
27251 lennart  name=systemd:/user/lennart/1             \_ empathy
29504 lennart  name=systemd:/user/lennart/1             \_ ps xawf -eo pid,user,cgroup,args
 1968 lennart  name=systemd:/user/lennart/1        ssh-agent
 1994 lennart  name=systemd:/user/lennart/1        gpg-agent --daemon --write-env-file
18679 lennart  name=systemd:/user/lennart/1        /bin/sh /usr/lib64/firefox-3.6/run-mozilla.sh /usr/lib64/firefox-3.6/firefox
18741 lennart  name=systemd:/user/lennart/1         \_ /usr/lib64/firefox-3.6/firefox
28900 lennart  name=systemd:/user/lennart/1             \_ /usr/lib64/nspluginwrapper/npviewer.bin --plugin /usr/lib64/mozilla/plugins/libflashplayer.so --connection /org/wrapper/NSPlugins/libflashplayer.so/18741-6
 4016 root     name=systemd:/systemd-1/sysinit.service /usr/sbin/bluetoothd --udev
 4094 smmsp    name=systemd:/systemd-1/sendmail.service sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
 4096 root     name=systemd:/systemd-1/sendmail.service sendmail: accepting connections
 4112 ntp      name=systemd:/systemd-1/ntpd.service /usr/sbin/ntpd -n -u ntp:ntp -g
27262 lennart  name=systemd:/user/lennart/1        /usr/libexec/mission-control-5
27265 lennart  name=systemd:/user/lennart/1        /usr/libexec/telepathy-haze
27268 lennart  name=systemd:/user/lennart/1        /usr/libexec/telepathy-logger
27270 lennart  name=systemd:/user/lennart/1        /usr/libexec/dconf-service
27280 lennart  name=systemd:/user/lennart/1        /usr/libexec/notification-daemon
27284 lennart  name=systemd:/user/lennart/1        /usr/libexec/telepathy-gabble
27285 lennart  name=systemd:/user/lennart/1        /usr/libexec/telepathy-salut
27297 lennart  name=systemd:/user/lennart/1        /usr/libexec/geoclue-yahoo
udev
name=systemd:/systemd-1/sysinit.service
sysinit.service
psc
alias psc='ps xawf -eo pid,user,cgroup,args'
systemd-cgls
$ systemd-cgls
+    2 [kthreadd]
[...]
+ 4281 [flush-8:0]
+ user
| \ lennart
|   \ 1
|     +  1495 pam: gdm-password
|     +  1521 gnome-session
|     +  1534 dbus-launch --sh-syntax --exit-with-session
|     +  1535 /bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session
|     +  1603 /usr/libexec/gconfd-2
|     +  1612 /usr/libexec/gnome-settings-daemon
|     +  1615 /ushr/libexec/gvfsd
|     +  1621 metacity
|     +  1626 /usr/libexec//gvfs-fuse-daemon /home/lennart/.gvfs
|     +  1634 /usr/bin/pulseaudio --start --log-target=syslog
|     +  1635 gnome-panel
|     +  1638 nautilus
|     +  1640 /usr/libexec/polkit-gnome-authentication-agent-1
|     +  1641 /usr/bin/seapplet
|     +  1644 gnome-volume-control-applet
|     +  1645 /usr/libexec/bonobo-activation-server --ac-activate --ior-output-fd=24
|     +  1646 /usr/sbin/restorecond -u
|     +  1649 /usr/libexec/pulse/gconf-helper
|     +  1652 /usr/bin/devilspie
|     +  1662 nm-applet --sm-disable
|     +  1664 gnome-power-manager
|     +  1665 /usr/libexec/gdu-notification-daemon
|     +  1668 /usr/libexec/im-settings-daemon
|     +  1670 /usr/libexec/evolution/2.32/evolution-alarm-notify
|     +  1672 /usr/bin/python /usr/share/system-config-printer/applet.py
|     +  1674 /usr/lib64/deja-dup/deja-dup-monitor
|     +  1675 abrt-applet
|     +  1677 bluetooth-applet
|     +  1678 gpk-update-icon
|     +  1701 /usr/libexec/gvfs-gdu-volume-monitor
|     +  1707 /usr/bin/gnote --panel-applet --oaf-activate-iid=OAFIID:GnoteApplet_Factory --oaf-ior-fd=22
|     +  1725 /usr/libexec/clock-applet
|     +  1727 /usr/libexec/wnck-applet
|     +  1729 /usr/libexec/notification-area-applet
|     +  1759 gnome-screensaver
|     +  1780 /usr/libexec/gvfsd-trash --spawner :1.9 /org/gtk/gvfs/exec_spaw/0
|     +  1864 /usr/libexec/gvfs-afc-volume-monitor
|     +  1874 /usr/libexec/gconf-im-settings-daemon
|     +  1882 /usr/libexec/gvfs-gphoto2-volume-monitor
|     +  1903 /usr/libexec/gvfsd-burn --spawner :1.9 /org/gtk/gvfs/exec_spaw/1
|     +  1909 gnome-terminal
|     +  1913 gnome-pty-helper
|     +  1914 bash
|     +  1968 ssh-agent
|     +  1994 gpg-agent --daemon --write-env-file
|     +  2221 bash
|     +  2461 bash
|     +  4193 ssh tango
|     + 15113 bash
|     + 18679 /bin/sh /usr/lib64/firefox-3.6/run-mozilla.sh /usr/lib64/firefox-3.6/firefox
|     + 18741 /usr/lib64/firefox-3.6/firefox
|     + 27251 empathy
|     + 27262 /usr/libexec/mission-control-5
|     + 27265 /usr/libexec/telepathy-haze
|     + 27268 /usr/libexec/telepathy-logger
|     + 27270 /usr/libexec/dconf-service
|     + 27280 /usr/libexec/notification-daemon
|     + 27284 /usr/libexec/telepathy-gabble
|     + 27285 /usr/libexec/telepathy-salut
|     + 27297 /usr/libexec/geoclue-yahoo
|     + 28900 /usr/lib64/nspluginwrapper/npviewer.bin --plugin /usr/lib64/mozilla/plugins/libflashplayer.so --connection /org/wrapper/NSPlugins/libflashplayer.so/18741-6
|     + 29219 emacs systemd-for-admins-1.txt
|     + 29231 ssh tango
|     \ 29519 systemd-cgls
\ systemd-1
  + 1 /sbin/init
  + ntpd.service
  | \ 4112 /usr/sbin/ntpd -n -u ntp:ntp -g
  + systemd-logger.service
  | \ 1499 /lib/systemd/systemd-logger
  + accounts-daemon.service
  | \ 1496 /usr/libexec/accounts-daemon
  + rtkit-daemon.service
  | \ 1473 /usr/libexec/rtkit-daemon
  + console-kit-daemon.service
  | \ 1408 /usr/sbin/console-kit-daemon --no-daemon
  + prefdm.service
  | + 1376 /usr/sbin/gdm-binary -nodaemon
  | + 1391 /usr/libexec/gdm-simple-slave --display-id /org/gnome/DisplayManager/Display1 --force-active-vt
  | + 1394 /usr/bin/Xorg :0 -nr -verbose -auth /var/run/gdm/auth-for-gdm-f2KUOh/database -nolisten tcp vt1
  | + 1419 /usr/bin/dbus-launch --exit-with-session
  | \ 1511 /usr/bin/gnome-keyring-daemon --daemonize --login
  + getty@.service
  | + tty6
  | | \ 1346 /sbin/mingetty tty6
  | + tty4
  | | \ 1343 /sbin/mingetty tty4
  | + tty5
  | | \ 1342 /sbin/mingetty tty5
  | + tty3
  | | \ 1339 /sbin/mingetty tty3
  | \ tty2
  |   \ 1332 /sbin/mingetty tty2
  + abrtd.service
  | \ 1317 /usr/sbin/abrtd -d -s
  + crond.service
  | \ 1344 crond
  + sshd.service
  | \ 1362 /usr/sbin/sshd
  + sendmail.service
  | + 4094 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
  | \ 4096 sendmail: accepting connections
  + haldaemon.service
  | + 1249 hald
  | + 1250 hald-runner
  | + 1273 hald-addon-input: Listening on /dev/input/event3 /dev/input/event9 /dev/input/event1 /dev/input/event7 /dev/input/event2 /dev/input/event0 /dev/input/event8
  | + 1275 /usr/libexec/hald-addon-rfkill-killswitch
  | + 1284 /usr/libexec/hald-addon-leds
  | + 1285 /usr/libexec/hald-addon-generic-backlight
  | \ 1287 /usr/libexec/hald-addon-acpi
  + irqbalance.service
  | \ 1210 irqbalance
  + avahi-daemon.service
  | + 1175 avahi-daemon: running [epsilon.local]
  + NetworkManager.service
  | + 1171 /usr/sbin/NetworkManager --no-daemon
  | \ 4028 /sbin/dhclient -d -4 -sf /usr/libexec/nm-dhcp-client.action -pf /var/run/dhclient-wlan0.pid -lf /var/lib/dhclient/dhclient-7d32a784-ede9-4cf6-9ee3-60edc0bce5ff-wlan0.lease -cf /var/run/nm-dhclient-wlan0.conf wlan0
  + rsyslog.service
  | \ 1193 /sbin/rsyslogd -c 4
  + mdmonitor.service
  | \ 1207 mdadm --monitor --scan -f --pid-file=/var/run/mdadm/mdadm.pid
  + cups.service
  | \ 1195 cupsd -C /etc/cups/cupsd.conf
  + auditd.service
  | + 1131 auditd
  | + 1133 /sbin/audispd
  | \ 1135 /usr/sbin/sedispatch
  + dbus.service
  | +  1096 /bin/dbus-daemon --system --address=systemd: --nofork --systemd-activation
  | +  1216 /usr/sbin/modem-manager
  | +  1219 /usr/libexec/polkit-1/polkitd
  | +  1242 /usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -B -u -f /var/log/wpa_supplicant.log -P /var/run/wpa_supplicant.pid
  | +  1453 /usr/libexec/upowerd
  | +  1733 /usr/libexec/udisks-daemon
  | +  1747 udisks-daemon: polling /dev/sr0
  | \ 29509 /usr/libexec/packagekitd
  + dev-mqueue.mount
  + dev-hugepages.mount
  \ sysinit.service
    +   455 /sbin/udevd -d
    +  4016 /usr/sbin/bluetoothd --udev
    + 28188 /sbin/udevd -d
    \ 28191 /sbin/udevd -d
auditd.service
auditd
audisp
sedispatch
/user/1
.timer
.swap
.path
gdbus
d-feet
/var/run
systemd-cgls
/cgroup/systemd
/sys/fs/
systemctl
dot
/dev/log
/dev/log
kmsg
dmesg
binfmt_misc
hugetlbfs
[ OK ]
[ FAILED ]
systemctl
[root@lambda] ~# systemctl
UNIT                                          LOAD   ACTIVE       SUB          JOB             DESCRIPTION
dev-hugepages.automount                       loaded active       running                      Huge Pages File System Automount Point
dev-mqueue.automount                          loaded active       running                      POSIX Message Queue File System Automount Point
proc-sys-fs-binfmt_misc.automount             loaded active       waiting                      Arbitrary Executable File Formats File System Automount Point
sys-kernel-debug.automount                    loaded active       waiting                      Debug File System Automount Point
sys-kernel-security.automount                 loaded active       waiting                      Security File System Automount Point
sys-devices-pc...0000:02:00.0-net-eth0.device loaded active       plugged                      82573L Gigabit Ethernet Controller
[...]
sys-devices-virtual-tty-tty9.device           loaded active       plugged                      /sys/devices/virtual/tty/tty9
-.mount                                       loaded active       mounted                      /
boot.mount                                    loaded active       mounted                      /boot
dev-hugepages.mount                           loaded active       mounted                      Huge Pages File System
dev-mqueue.mount                              loaded active       mounted                      POSIX Message Queue File System
home.mount                                    loaded active       mounted                      /home
proc-sys-fs-binfmt_misc.mount                 loaded active       mounted                      Arbitrary Executable File Formats File System
abrtd.service                                 loaded active       running                      ABRT Automated Bug Reporting Tool
accounts-daemon.service                       loaded active       running                      Accounts Service
acpid.service                                 loaded active       running                      ACPI Event Daemon
atd.service                                   loaded active       running                      Execution Queue Daemon
auditd.service                                loaded active       running                      Security Auditing Service
avahi-daemon.service                          loaded active       running                      Avahi mDNS/DNS-SD Stack
bluetooth.service                             loaded active       running                      Bluetooth Manager
console-kit-daemon.service                    loaded active       running                      Console Manager
cpuspeed.service                              loaded active       exited                       LSB: processor frequency scaling support
crond.service                                 loaded active       running                      Command Scheduler
cups.service                                  loaded active       running                      CUPS Printing Service
dbus.service                                  loaded active       running                      D-Bus System Message Bus
getty@tty2.service                            loaded active       running                      Getty on tty2
getty@tty3.service                            loaded active       running                      Getty on tty3
getty@tty4.service                            loaded active       running                      Getty on tty4
getty@tty5.service                            loaded active       running                      Getty on tty5
getty@tty6.service                            loaded active       running                      Getty on tty6
haldaemon.service                             loaded active       running                      Hardware Manager
hdapsd@sda.service                            loaded active       running                      sda shock protection daemon
irqbalance.service                            loaded active       running                      LSB: start and stop irqbalance daemon
iscsi.service                                 loaded active       exited                       LSB: Starts and stops login and scanning of iSCSI devices.
iscsid.service                                loaded active       exited                       LSB: Starts and stops login iSCSI daemon.
livesys-late.service                          loaded active       exited                       LSB: Late init script for live image.
livesys.service                               loaded active       exited                       LSB: Init script for live image.
lvm2-monitor.service                          loaded active       exited                       LSB: Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling
mdmonitor.service                             loaded active       running                      LSB: Start and stop the MD software RAID monitor
modem-manager.service                         loaded active       running                      Modem Manager
netfs.service                                 loaded active       exited                       LSB: Mount and unmount network filesystems.
NetworkManager.service                        loaded active       running                      Network Manager
ntpd.service                                  loaded maintenance  maintenance                  Network Time Service
polkitd.service                               loaded active       running                      Policy Manager
prefdm.service                                loaded active       running                      Display Manager
rc-local.service                              loaded active       exited                       /etc/rc.local Compatibility
rpcbind.service                               loaded active       running                      RPC Portmapper Service
rsyslog.service                               loaded active       running                      System Logging Service
rtkit-daemon.service                          loaded active       running                      RealtimeKit Scheduling Policy Service
sendmail.service                              loaded active       running                      LSB: start and stop sendmail
sshd@172.31.0.53:22-172.31.0.4:36368.service  loaded active       running                      SSH Per-Connection Server
sysinit.service                               loaded active       running                      System Initialization
systemd-logger.service                        loaded active       running                      systemd Logging Daemon
udev-post.service                             loaded active       exited                       LSB: Moves the generated persistent udev rules to /etc/udev/rules.d
udisks.service                                loaded active       running                      Disk Manager
upowerd.service                               loaded active       running                      Power Manager
wpa_supplicant.service                        loaded active       running                      Wi-Fi Security Service
avahi-daemon.socket                           loaded active       listening                    Avahi mDNS/DNS-SD Stack Activation Socket
cups.socket                                   loaded active       listening                    CUPS Printing Service Sockets
dbus.socket                                   loaded active       running                      dbus.socket
rpcbind.socket                                loaded active       listening                    RPC Portmapper Socket
sshd.socket                                   loaded active       listening                    sshd.socket
systemd-initctl.socket                        loaded active       listening                    systemd /dev/initctl Compatibility Socket
systemd-logger.socket                         loaded active       running                      systemd Logging Socket
systemd-shutdownd.socket                      loaded active       listening                    systemd Delayed Shutdown Socket
dev-disk-by\x1...x1db22a\x1d870f1adf2732.swap loaded active       active                       /dev/disk/by-uuid/fd626ef7-34a4-4958-b22a-870f1adf2732
basic.target                                  loaded active       active                       Basic System
bluetooth.target                              loaded active       active                       Bluetooth
dbus.target                                   loaded active       active                       D-Bus
getty.target                                  loaded active       active                       Login Prompts
graphical.target                              loaded active       active                       Graphical Interface
local-fs.target                               loaded active       active                       Local File Systems
multi-user.target                             loaded active       active                       Multi-User
network.target                                loaded active       active                       Network
remote-fs.target                              loaded active       active                       Remote File Systems
sockets.target                                loaded active       active                       Sockets
swap.target                                   loaded active       active                       Swap
sysinit.target                                loaded active       active                       System Initialization

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
JOB    = Pending job for the unit.

221 units listed. Pass --all to see inactive units, too.
[root@lambda] ~#
systemctl status
[root@lambda] ~# systemctl status ntpd.service
ntpd.service - Network Time Service
	  Loaded: loaded (/etc/systemd/system/ntpd.service)
	  Active: maintenance
	    Main: 953 (code=exited, status=255)
	  CGroup: name=systemd:/systemd-1/ntpd.service
[root@lambda] ~#
systemctl
status
systemctl
systemctl
status
systemctl status
/me is amused
$HOME
/home
lockd
fpathconf()
fcntl(F_SET_LK)
close()
/etc/passwd
getpwuid()
/etc/passwd
lockf()
flock()
fork()
exec()
close()
flock()
fcntl(F_SET_LK)
/tmp
/sys/class/dmi/id/product_uuid
CPUID/EAX=3
/sys/class/net/*/address
/sys/bus/usb/devices/*/serial
/proc/sys/kernel/random/boot_id
gethostname()
/proc/sys/kernel/hostname
localhost
gethostname()
gethostid()
/etc/hostid
/etc/hostid
/var/lib/dbus/machine-id
/var/lib/dbus/machine-id
libdbus
dbus_get_local_machine_id()
/proc/self/sessionid
(uint32_t) -1
/proc/sys/kernel/random/boot_id
getuid()
/var/lib/dbus/machine-id
ID_FS_UUID
/proc/sys/kernel/random/uuid
/dev/urandom
/var/lib/dbus/machine-id
/proc/self/sessionid
/proc/sys/kernel/random/boot_id
getuid()
/dev/urandom
prctl(PR_SET_NAME)
/proc
/proc/$PID/task/$TID/comm
/proc/$PID/task/$TID/stat
info
threads
.desktop
memlock()
/var/run/dbus/system_bus_socket
/dev/log
/var/run/cups/cups.sock
/var/run/rpcbind.sock
exec()
/dev/log
inetd
exec()
inetd
inetd
inetd
wait
nowait
inetd.conf
/etc/fstab
connect()
open()
/
/home
/bin/bash
/etc/init.d
grep
awk
cut
sed
echo $$
setrlimit()
setrlimit()
/proc/$PID/cgroup
setrlimit()
ioprio_set()
IOPRIO_CLASS_IDLE
locate
updatedb
/dev/kmsg
syslog-started
dbus-started
NetworkManager
D-Bus
start on
    (local-filesystems and net-device-up IFACE=lo)
systemd
avahi.service
service
/etc/init.d
socket
socket
service
nscd.socket
nscd.service
device
device
udev
mount
/etc/fstab
service
automount
automount
mount
target
multi-user.target
bluetooth.target
bluetoothd
obexd
snapshot
target
/home/lennart
/home
/tmp
/dev/kmsg
.desktop
/etc/rc.d
/etc/fstab
comment=
/etc/fstab
systemd
/etc/systemd/system/avahi.service
/etc/init.d/avahi
getty@.service
getty@tty2.service
dhcpcd@eth0.service
avahi-autoipd@eth0.service
eth0
sshd.socket
sshd@192.168.0.1-4711-192.168.0.2-22.service
sshd@.service/192.168.0.1-4711-192.168.0.2-22
$LISTEN_FDS
.service
fstat()
getsockname()
$LISTEN_PID
/dev/initctl
shutdown
poweroff
sysvinit
utmp
wtmp
utmp
wtmp
After
Before
Requires
Wants
Conflicts
After
Before
Wants
/proc
/sys
/dev
daemonize()
systemd.confirm_spawn=1
systemd.default=
multi-user.target
emergency.service
init=/bin/bash
systemadm
swap
timer
cron
gnome-session
kdeinit
dmesg
qemu
systemd
systemadm
ps
ps xaf -eo
    pid,user,args,cgroup
debug:
setsid()
$LISTEN_FDS
$LISTEN_PID
#systemd
m = -n*ln(p)/(ln(2)^2)
k = 0.7*m/n
rsvg_term()
xmlCleanupParser()
rsvg_term()
/sys
udevadm info
udev-browse
udev-browse
/sys
udev-browse
/sys/class/dmi/id/
dmidecode
$ read bv < /sys/class/dmi/id/bios_vendor
$ echo $bv
dmidecode
mutrace
matrace
mutrace
mutrace
mutrace
mutrace
mutrace
gedit
gio
mutrace
$ LD_PRELOAD=/home/lennart/projects/mutrace/libmutrace.so gedit
mutrace: 0.1 sucessfully initialized.

mutrace
mutrace: 10 most contended mutexes:

 Mutex #   Locked  Changed    Cont. tot.Time[ms] avg.Time[ms] max.Time[ms]       Type
      35   368268      407      275      120,822        0,000        0,894     normal
       5   234645      100       21       86,855        0,000        0,494     normal
      26   177324       47        4       98,610        0,001        0,150     normal
      19    55758       53        2       23,931        0,000        0,092     normal
      53      106       73        1        0,769        0,007        0,160     normal
      25    15156       70        1        6,633        0,000        0,019     normal
       4      973       10        1        4,376        0,004        0,174     normal
      75       68       62        0        0,038        0,001        0,004     normal
       9     1663       52        0        1,068        0,001        0,412     normal
       3   136553       41        0       61,408        0,000        0,281     normal
     ...      ...      ...      ...          ...          ...          ...        ...

mutrace: Total runtime 9678,142 ms.

s/,/./g
Mutex #35 (0x0x7f48c7057d28) first referenced by:
	/home/lennart/projects/mutrace/libmutrace.so(pthread_mutex_lock+0x70) [0x7f48c97dc900]
	/lib64/libglib-2.0.so.0(g_static_rw_lock_writer_lock+0x6a) [0x7f48c674a03a]
	/lib64/libgobject-2.0.so.0(g_type_init_with_debug_flags+0x4b) [0x7f48c6e38ddb]
	/usr/lib64/libgdk-x11-2.0.so.0(gdk_pre_parse_libgtk_only+0x8c) [0x7f48c853171c]
	/usr/lib64/libgtk-x11-2.0.so.0(+0x14b31f) [0x7f48c891831f]
	/lib64/libglib-2.0.so.0(g_option_context_parse+0x90) [0x7f48c67308e0]
	/usr/lib64/libgtk-x11-2.0.so.0(gtk_parse_args+0xa1) [0x7f48c8918021]
	/usr/lib64/libgtk-x11-2.0.so.0(gtk_init_check+0x9) [0x7f48c8918079]
	/usr/lib64/libgtk-x11-2.0.so.0(gtk_init+0x9) [0x7f48c89180a9]
	/usr/bin/gedit(main+0x166) [0x427fc6]
	/lib64/libc.so.6(__libc_start_main+0xfd) [0x7f48c5b42b4d]
	/usr/bin/gedit() [0x4276c9]

type_rw_lock
gobject/gtype.c
mutrace
stdio
mutrace
-rdynamic
mutrace
mutrace
mutrace
MUTRACE_xxx
mutrace
pthread_key_create()
destructor
-z nodelete
-z nodelete
/usr/share/pulseaudio/alsa-mixer/
Yes. You shouldn't misuse the fragments logic of sound devices. It's
like this:

   The latency is defined by the buffer size.
   The wakeup interval is defined by the fragment size.

The buffer fill level will oscillate between 'full buffer' and 'full
buffer minus 1x fragment size minus OS scheduling latency'. Setting
smaller fragment sizes will increase the CPU load and decrease battery
time since you force the CPU to wake up more often. OTOH it increases
drop out safety, since you fill up playback buffer earlier. Choosing
the fragment size is hence something which you should do balancing out
your needs between power consumption and drop-out safety. With modern
processors and a good OS scheduler like the Linux one setting the
fragment size to anything other than half the buffer size does not
make much sense.

Your [Ekiga's ptlib driver that is] ALSA output is configured
to set the the fragment size to the size of your codec audio
frames. And that's a bad idea. Because the codec frame size has not
been chosen based on power consumption or drop-out safety
reasoning. It has been chosen by the codec designers based on
different reasoning, such as latency.

You probably configured your backend this ways because the ALSA
library docs say that it is recommended to write to the sound card in
multiples of the fragment size. However deducing from this that you
hence should configure the fragment size to the codec frame size is
wrong!

The best way to implement playback these days for ALSA is to write as
much as snd_pcm_avail() tells you to each time you wake up due to
POLLOUT on the sound card. If that is not a multiple of your codec
frame size then you need to buffer the the remainder of the decoded
data yourself in system memory.

The ALSA fragment size you should normally set as large as possible
given your latency constraints but that you have at least two
fragments in your buffer size.

I hope this explains a bit how frag_size/buffer_size should be
chosen. If you have questions, just ask.

(Oh, ALSA uses the term 'period' for what I call 'fragment'
above. It's synonymous)

$ bzr get http://www.mega-nerd.com/Bzr/libsndfile-pub/
bzr: ERROR: Not a branch: "http://www.mega-nerd.com/Bzr/libsndfile-pub/".
get
$ bzr clone http://www.mega-nerd.com/Bzr/libsndfile-pub/
$ bzr checkout http://www.mega-nerd.com/Bzr/libsndfile-pub/
$ bzr waldo http://www.mega-nerd.com/Bzr/libsndfile-pub/
bzr: ERROR: unknown command "waldo"
$ man bzr-get
No manual entry for bzr-get
$ man bzr
bzr get
/bzr get
Pattern not found  (press RETURN)
/bzr clone
Pattern not found  (press RETURN)
get
bzr export
bzr
help
get
~/projects/pulseaudio$ copyright.py src/pulsecore/sink.c src/pulsecore/core-util.c
File: src/pulsecore/sink.c
	Copyright 2004, 2006-2009 Lennart Poettering
	Copyright 2006-2007 Pierre Ossman
	Copyright 2008-2009 Marc-Andre Lureau
File: src/pulsecore/core-util.c
	Copyright 2004, 2006-2009 Lennart Poettering
	Copyright 2006-2007 Pierre Ossman
	Copyright 2008 Stelian Ionescu
	Copyright 2009 Jared D. McNeill
	Copyright 2009 Marc-Andre Lureau

main()
...
g_set_application_name(_("Totem Movie Player"));
gtk_window_set_default_icon_name("totem");
g_setenv("PULSE_PROP_media.role", "video", TRUE);
...

g_set_application_name()
gtk_window_set_default_icon_name()
org.foobar.AwesomeStuff1
org.foobar.AwesomeStuff2
org.freedesktop.DBus.Error.UnknownMethod
org.foobar.AwesomeService1
:1.42
org.foobar.AwesomeService1
/org/foobar/AwesomeStuff1
/org/foobar/AwesomeStuff2
/
/
/org/foobar/AwesomeStuff
pactl
pacmd
list-cards
pacmd
/tmp/core.*/
#!/bin/bash
set -e
export PATH=/sbin:/bin:/usr/sbin:/usr/bin
DIR="/tmp/core.$1.$2"
umask 077
mkdir "$DIR"
cat > "$DIR/core"
exec &> "$DIR/dump.log"
set +e
echo "$1" > "$DIR/pid"
echo "$2" > "$DIR/timestamp"
echo "$3" > "$DIR/uid"
echo "$4" > "$DIR/gid"
echo "$5" > "$DIR/signal"
echo "$6" > "$DIR/hostname"
set -x
fauxv "$DIR/core" > "$DIR/auxv"
fexe "$DIR/core" > "$DIR/exe"
fmaps "$DIR/core" > "$DIR/maps"
PKGS=`/usr/bin/fdebuginfo "$DIR/core" | grep "\-\-\-" | cut -d ' ' -f 1 | sort | uniq | grep '^/'| xargs rpm -qf | sort | uniq`
[ "x$PKGS" != x ] && debuginfo-install -y $PKGS
fstack -rich "$DIR/core" > "$DIR/fstack"
set +x
(
	echo "Application `cat "$DIR/exe"` (pid=$1,uid=$3,gid=$4) crashed with signal $5."
	echo "Stack trace follows:"
	cat "$DIR/fstack"
	echo "Auxiliary vector:"
	cat "$DIR/auxv"
	echo "Maps:"
	cat "$DIR/maps"
	echo "For details check $DIR"
) | logger -p local6.info -t "frysk-core-dump-$1"

$SOMEWHERE/frysk-core-dump
chmod +x $SOMEWHERE/frysk-core-dump
chown root:root $SOMEWHERE/frysk-core-dump
# echo "|$SOMEWHERE/frysk-core-dump %p %t %u %g %s %h" > /proc/sys/kernel/core_pattern

ulimit -c
unlimited
/etc/security/limits.conf
sleep 4711
/var/log/messages
snd_async_add_pcm_handler()
snd_config_xxx()
snd_device_name_hint()
/proc/asound/
surround51
snd_card_xxx()
snd_device_name_hint()
snd_card_xxx()
snd_card_load()
hw:0
plughw:0
dmix
default
front
surround40
surround41
surround51
default
plug:
snd_pcm_avail_update()
snd_pcm_delay()
snd_pcm_recover()
snd_pcm_rewind()
snd_spcm_xxx()
snd_device_name_hint()
snd_smixer_xx()
snd_ctl_xxx()
snd_pcm_delay()
snd_pcm_update_avail()
snd_pcm_recover()
snd_pcm_rewind()
strpool.c
/* %STRINGPOOLSTART% */
/* %STRINGPOOLSTOP% */
_P()
strpool.c
strpool.c
static const char* const table[] = {
	"waldo",
	"uxknurz",
	"foobar",
	"fubar"
};

static int main(int argc, char* argv[]) {
	printf("%s\n", table[2]);
	return 1;
}

strpool.c
#ifndef STRPOOL
#define _P(x) x
#endif

/* %STRINGPOOLSTART% */
static const char* const table[] = {
	"waldo",
	"uxknurz",
	"foobar",
	"fubar"
};
/* %STRINGPOOLSTOP% */

static int main(int argc, char* argv[]) {
	printf("%s\n", _P(table[2]));
	return 1;
}

strpool.c
/* Saved 3 relocations, saved 0 strings (0 b) due to suffix compression. */
static const char _strpool_[] =
	"waldo\0"
	"uxknurz\0"
	"foobar\0"
	"fubar\0";
#ifndef STRPOOL
#define STRPOOL
#endif
#ifndef _P
#define _P(x) (_strpool_ + ((x) - (const char*) 1))
#endif

#ifndef STRPOOL
#define _P(x) x
#endif

/* %STRINGPOOLSTART% */
static const char* const table[] = {
	((const char*) 1),
	((const char*) 7),
	((const char*) 15),
	((const char*) 22)
};
/* %STRINGPOOLSTOP% */

static int main(int argc, char* argv[]) {
	printf("%s\n", _P(table[2]));
	return 1;
}

strpool.c
strpool.c
#gnome-hackers
pavucontrol
fglrx
libatasmart
smartctl
-a
libatasmart
libatasmart
libatasmart
.vapi
libatasmart
libatasmart
int sk_disk_smart_status(SkDisk *d, SkBool *good);
smartmontools
libatasmart
smartmontools
libatasmart
skdump
sktest
g-d-h
g-d-h-s
git://git.0pointer.de/libatasmart.git
git://git.0pointer.de/gnome-disk-health.git
libatasmart
skdump
smartctl -a
return -ETOOMANYDOTS;
# On the client:
$ git clone ssh://..../git/foobar foobar
$ cd foobar
$ git checkout trunk
$ git branch -m master
$ git push origin master
# This is a good time to edit the HEAD file on the server and replace its contents "ref: refs/heads/trunk" by "ref: refs/heads/master"
$ git push origin :trunk

trunk
master
git-svn
origin
.gitignore
svn:ignore
.gitignore
svn:ignore
$Id$
mutt
git-am
git-am --interactive
mutt
git-am
--interactive
gnome-audio
ca_context_play()
{
	ca_context *c = NULL;

	/* Create a context for the event sounds for your application */
	ca_context_create(&c);

	/* Set a few application-global properties */
	ca_context_change_props(c,
	                        CA_PROP_APPLICATION_NAME, "An example",
				CA_PROP_APPLICATION_ID, "org.freedesktop.libcanberra.Test",
				CA_PROP_APPLICATION_ICON_NAME, "libcanberra-test",
			        NULL);

	/* ... */

	/* Trigger an event sound */
	ca_context_play(c, 0,
			CA_PROP_EVENT_ID, "button-pressed", /* The XDG sound name */
			CA_PROP_MEDIA_NAME, "The user pressed the button foobar",
			CA_PROP_EVENT_MOUSE_X, "555",
			CA_PROP_EVENT_MOUSE_Y, "666",
			CA_PROP_WINDOW_NAME, "Foobar Dialog",
			CA_PROP_WINDOW_ICON_NAME, "libcanberra-test-foobar-dialog",
			CA_PROP_WINDOW_X11_DISPLAY, ":0",
			CA_PROP_WINDOW_X11_XID, "4711",
			NULL);

	/* ... */

	ca_context_destroy(&c);
}

libcanberra.so
libcanberra-gtk
{
	/* Trigger an event sound from a GtkWidget, will automaticall fill in CA_PROP_WINDOW_xxx */
	ca_gtk_play_for_widget(GTK_WIDGET(w), 0,
                               CA_PROP_EVENT_ID, "foobar-event",
			       CA_PROP_EVENT_DESCRIPTION, "foobar event happened",
			       NULL);

	/* Alternatively, triggger an event sound from a GdkEvent, will also fill in CA_PROP_EVENT_MOUSE_xxx  */
	ca_gtk_play_for_event(gtk_get_current_event(), 0
                              CA_PROP_EVENT_ID, "waldo-event",
			      CA_PROP_EVENT_DESCRIPTION, "waldo event happened",
			      NULL);
}

{
}

ca_gtk_play_for_widget()
ca_gtk_play_for_event()
/usr/security/limits.conf
cpu.rt_runtime_us
/proc/sys/kernel/sched_rt_period_us
$ rtwatch 5 rtcpuhogger
rtcpuhogger
<rant>
</rant>
glitch-free
poll()/select()
dmix
default-fragments=
default-fragment-size-msec=
daemon.conf
.asoundrc
glitch-free
hrtimers
hrtimers
poll()/select()
glitch-free
trunk
glitch-free
;-)
/proc/asound/pcm
default
distccd
--zeroconf
$HOME/.distcc/hosts
+zeroconf
$CC
distcc gcc
distcc
$CC
distcc gcc
ccache distcc gcc
~/.bash_profile
export CC="ccache distcc gcc"
make -j `distcc -j`
make
$MAKEFLAGS
distcc
--show-hosts
avahi-browse -r
_distcc._tcp
cc_machine
cc_version
distcc
distccd
-j
--show-hosts
distcc
distcc
avahi-gobject
$LC_MESSAGES=C
kill(2)
/* Atomic compare and exchange.  These sequences are not actually atomic;
   there is a race if *MEM != OLDVAL and we are preempted between the two
   swaps.  However, they are very close to atomic, and are the best that a
   pre-ARMv6 implementation can do without operating system support.
   LinuxThreads has been using these sequences for many years.  */
extern Q_CORE_EXPORT char q_atomic_lock;

inline char q_atomic_swp(volatile char *ptr, char newval)
{
    register int ret;
    asm volatile("swpb %0,%1,[%2]"
                 : "=&r"(ret)
                 : "r"(newval), "r"(ptr)
                 : "cc", "memory");
    return ret;
}

inline int q_atomic_test_and_set_int(volatile int *ptr, int expected, int newval)
{
    int ret = 0;
    while (q_atomic_swp(&q_atomic_lock, ~0) != 0);
    if (*ptr == expected) {
	*ptr = newval;
	ret = 1;
    }
    q_atomic_swp(&q_atomic_lock, 0);
    return ret;
}
q_atomic_lock
q_atomic_lock
q_atomic_lock
static volatile int atomic_spin = 0;

static int atomic_spin_trylock (void)
{
  int result;

  asm volatile (
    "swp %0, %1, [%2]\n"
    : "=&r,&r" (result)
    : "r,0" (1), "r,r" (&atomic_spin)
    : "memory");
  if (result == 0)
    return 0;
  else
    return -1;
}

static void atomic_spin_lock (void)
{
  while (atomic_spin_trylock())
    sched_yield();
}

static void atomic_spin_unlock (void)
{
  atomic_spin = 0;
}

gint
g_atomic_int_exchange_and_add (volatile gint *atomic,
			       gint           val)
{
  gint result;

  atomic_spin_lock();
  result = *atomic;
  *atomic += val;
  atomic_spin_unlock();

  return result;
}
sched_yield()
sched_yield()
sched_yield()
pthread_yield()
select()
select()
select()
select()
libatomic_ops
select()
nanosleep()
libatomic_ops
libatomic_ops
pa_atomic_t
libatomic_ops
xmms .
git clone http://git.0pointer.de/repos/mango-lassi.git/
hooks/pre-commit
chmod +x
#!/bin/bash -e

REPOS="$1"
TXN="$2"

SVNLOOK=/usr/bin/svnlook

# Require some text in the log
$SVNLOOK log -t "$TXN" "$REPOS" | grep -q '[a-zA-Z0-9]' || exit 1

# Block commits with tabs or trailing whitespace
$SVNLOOK diff -t "$TXN" "$REPOS" | python /dev/fd/3 3<<'EOF'
import sys
ignore = True
SUFFIXES = [ ".c", ".h", ".cc", ".C", ".cpp", ".hh", ".H", ".hpp", ".java" ]
filename = None

for ln in sys.stdin:

        if ignore and ln.startswith("+++ "):
                filename = ln[4:ln.find("\t")].strip()
                ignore = not reduce(lambda x, y: x or y, map(lambda x: filename.endswith(x), SUFFIXES))

        elif not ignore:
		if ln.startswith("+"):

			if ln.count("\t") > 0:
                        	sys.stderr.write("\n*** Transaction blocked, %s contains tab character:\n\n%s" % (filename, ln))
                        	sys.exit(1)

                	if ln.endswith(" \n"):
                        	sys.stderr.write("\n*** Transaction blocked, %s contains lines with trailing whitespace:\n\n%s<EOL>\n" % (filename, ln.rstrip("\n")))
                        	sys.exit(1)

		if not (ln.startswith("@") or \
			ln.startswith("-") or \
			ln.startswith("+") or \
			ln.startswith(" ")):

			ignore = True

sys.exit(0)
EOF

exit "$?"
$EDITOR
nuke-trailing-whitespace.el
'write-file-hooks
/dev/null
diff -b
$ ccache -s | egrep "(cache hit|cache miss)"
cache hit                        3518652
cache miss                        168484
$ echo $((168484*1000/3518652))
47
$

java.lang.Thread.stop()
nss-mdns
AVAHI_BROWSER_ALL_FOR_NOW
int main(int argc, char* argv[]) {
}

int main(int argc, char* argv[])
{
}

MODULE_ALIAS
$HOME
-m 256
tif
lennartpoettering
~/net/
~/net/
<->
ftp://test.local/a/certain/path/
~/net/ftp:test.local/a/certain/path
FTP Share
on test.local
~/net/
~/net/
$HOME/net/
<wishlist>
vino
vinagre
vino
xvncviewer
LANG=de_DE
LC_MESSAGES=C
~/.gnomerc
gnome-session
LANG
LC_MESSAGES
G_FILENAME_ENCODING
$HOME
gnome-media
</wishlist>
avahi-ui
avahi-ui
avahi-ui
avahi-ui
.mesh
.local
.ps
.eps
nmap
apt-cache search wiki | wc -l
libsydney
libsydney
libcanberra
libsydney
libsydney
libsamplerate
libsydney
.au
tedp
linux.conf.au
libavahi-ui
AuiServiceDialog
GtkFileChooserDialog
zssh.c
zssh
#include <gtk/gtk.h>
#include <avahi-ui/avahi-ui.h>

int main(int argc, char*argv[]) {
    GtkWidget *d;

    gtk_init(&argc, &argv);

    d = aui_service_dialog_new("Choose Web Service");
    aui_service_dialog_set_browse_service_types(AUI_SERVICE_DIALOG(d), "_http._tcp", "_https._tcp", NULL);

    if (gtk_dialog_run(GTK_DIALOG(d)) == GTK_RESPONSE_OK)
        g_message("Selected service name: %s; service type: %s; host name: %s; port: %u",
		aui_service_dialog_get_service_name(AUI_SERVICE_DIALOG(d)),
		aui_service_dialog_get_service_type(AUI_SERVICE_DIALOG(d)),
		aui_service_dialog_get_host_name(AUI_SERVICE_DIALOG(d)),
		aui_service_dialog_get_port(AUI_SERVICE_DIALOG(d)));
    else
        g_message("Canceled.");

    gtk_widget_destroy(d);

    return 0;
}

zssh.c
AuiServiceDialog
AuiServiceDialog
avahi-ui.h
avahi-ui.c
avahi-client
avahi-glib
gtk+-2.0
pkg-config
.de
.au
.de
.au
.ps
mzynzcr (at) 0pointer (dot) de
fring
fring
fring
svn checkout svn://svn.0pointer.de/fring/trunk fring
fring
#pulseaudio
sudo aptitude install pulseaudio \
    pulseaudio-module-hal \
    pulseaudio-esound-compat \
    pulseaudio-utils \
    libgstreamer-plugins-pulse0.10-0 \
    pulseaudio-module-gconf \
    pulseaudio-module-x11 \
    pulseaudio-module-zeroconf
Bay1Controller
avahi-autoipd
avahi-autoipd
dhclient
;-)
fring.py
SetHostName()
acpi-ec-transaction.patch
acpi-s270.patch
s270
/sys/class/backlight/s270bl/
root
echo 8 > /sys/class/backlight/s270bl/brightness
cat /sys/devices/platform/s270pf/wlan                 # Show WLAN status
cat /sys/devices/platform/s270pf/bluetooth            # Show Bluetooth status
echo 1 > /sys/devices/platform/s270pf/auto_brightness # Enable automatic brightness control
force=1
dmidecode
dmidecode |
grep MICRO-STAR
dmidecode
gnome-power-manager
chroot()
netstat -uln
.local
gethostbyname()
dhclient
root
chroot()
jat
alsa_output
oss_output2
alsa_output_hw_0_0
PropertyProbe
esd
gnome-power-manager
sed -i -e s/polyp/pulse/g
http://pulseaudio.org/
#polypaudio
pa_
lennart (at) poettering (dot) net
#polypaudio
/dev/dsp
padsp
module-volume-restore
padsp
esddsp
/dev/dsp
/dev/sndstat
/dev/mixer
padsp
mplayer
padsp
aumix
libao
XMMS
sox
padsp
mmap()
mmap()
esddsp
padsp
mmap()
esddsp
padsp
esddsp
module-volume-restore
gst-polyp
GstPropertyProbe
GstImplementsInterface
gnome-volume-meter
GST_EVENT_TAG
libao-polyp
libao
ogg123
xmms-polyp
gstreamer-properties
pacat
/dev/urandom
padsp
;-)
pavucontrol
module-detect
alsa-libs
alsa-plugins
dmix
dmix
dmix
autopano-sift
enblend
autopano-sift
enblend
mod_dnssd
mod_mime_xattr
mod_mime_xattr
user.mime_type
mod_mime_xattr
<Directory />
XAttrMimeType On
</Directory>

user.mime_type
setfattr -n "user.mime_type" -v "text/html" foo.txt
foo.txt
text/html
.txt
mod_dnssd
mod_zeroconf
mod_rendezvous
mod_bonjour
mod_dnssd
mod_dnssd
mod_dnssd
DNSSDEnable On

mod_userdir
~/public_html
_http._tcp
DNSSDServiceName
<Location /foobar>
	DNSSDServiceName "A special service called foobar"
</Location>

mod_dav
<Location /webdav>
	Dav On
	DNSSDServiceName "A WebDAV folder"
	DNSSDServiceTypes _webdav._tcp
</Location>

<Location /blog.cgi?rss>
	DNSSDServiceName "The blog"
	DNSSDServiceTypes _rss._tcp
</Location>

avahi.org
#!/usr/bin/python
import Image, ImageDraw, math, colorsys

dimensions = (800, 800)
scale = 1.0/(dimensions[0]/3)
center = (2.2, 1.5)       # Use this for Mandelbrot set
#center = (1.5, 1.5)       # Use this for Julia set
iterate_max = 100
colors_max = 50

img = Image.new("RGB", dimensions)
d = ImageDraw.Draw(img)

# Calculate a tolerable palette
palette = [0] * colors_max
for i in xrange(colors_max):
    f = 1-abs((float(i)/colors_max-1)**15)
    r, g, b = colorsys.hsv_to_rgb(.66+f/3, 1-f/2, f)
    palette[i] = (int(r*255), int(g*255), int(b*255))

# Calculate the mandelbrot sequence for the point c with start value z
def iterate_mandelbrot(c, z = 0):
    for n in xrange(iterate_max + 1):
        z = z*z +c
        if abs(z) > 2:
            return n
    return None

# Draw our image
for y in xrange(dimensions[1]):
    for x in xrange(dimensions[0]):
        c = complex(x * scale - center[0], y * scale - center[1])

        n = iterate_mandelbrot(c)            # Use this for Mandelbrot set
        #n = iterate_mandelbrot(complex(0.3, 0.6), c)  # Use this for Julia set

        if n is None:
            v = 1
        else:
            v = n/100.0

        d.point((x, y), fill = palette[int(v * (colors_max-1))])

del d
img.save("result.png")

sudo
sudo
gethostbyname()
/etc/hosts
localhost
nss-myhostname
setterm -dump 1 -file /dev/stdout | fold -w 80
chroot()
dns_sd.h
dns-sd.h
dns_sd.h
dns_sd.h
syslog
dns_sd.h
DNSServiceEnumerateDomains()
sw_ipv4_address_decompose()
dns_sd.h
avahi-browse
0pointer.de
$ avahi-browse -a -d 0pointer.de
Browsing domain '0pointer.de' on any.-1 ...
Browsing for services of type '_http-rss091._tcp' (Web Syndication RSS 0.91) in domain '0pointer.de' on any.-1 ...
Browsing for services of type '_http-rss20._tcp' (Web Syndication RSS 2.0) in domain '0pointer.de' on any.-1 ...
Browsing for services of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1 ...
Found service 'Lennart's Blog' of type '_http-rss091._tcp' (Web Syndication RSS 0.91) in domain '0pointer.de' on any.-1.
Found service 'Lennart's Blog' of type '_http-rss20._tcp' (Web Syndication RSS 2.0) in domain '0pointer.de' on any.-1.
Found service 'Lennart's Homepage' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1.
Found service 'Avahi mDNS/DNS-SD' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1.
Found service 'Lennart's Photos' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1.
Found service 'Lennart's Blog' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1.
Service data for service 'Lennart's Blog' of type '_http-rss091._tcp' (Web Syndication RSS 0.91) in domain '0pointer.de' on any.-1:
        Host 0pointer.de (217.160.223.3), port 80, TXT data: ['path=/blog/index.rss']
Service data for service 'Lennart's Blog' of type '_http-rss20._tcp' (Web Syndication RSS 2.0) in domain '0pointer.de' on any.-1:
        Host 0pointer.de (217.160.223.3), port 80, TXT data: ['path=/blog/index.rss2']
Service data for service 'Lennart's Homepage' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1:
        Host 0pointer.de (217.160.223.3), port 80, TXT data: ['path=/lennart/']
Service data for service 'Avahi mDNS/DNS-SD' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1:
        Host freedesktop.org (131.252.208.82), port 80, TXT data: ['path=/Software/Avahi']
Service data for service 'Lennart's Photos' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1:
        Host 0pointer.de (217.160.223.3), port 80, TXT data: ['path=/photos/']
Service data for service 'Lennart's Blog' of type '_http._tcp' (Web Site) in domain '0pointer.de' on any.-1:
        Host 0pointer.de (217.160.223.3), port 80, TXT data: ['path=/blog']

kdnssd
svn checkout svn://svn.0pointer.de/service-discovery-applet/trunk service-discovery-applet
import avahi, dbus, gobject

bus = dbus.SystemBus()
server = dbus.Interface(bus.get_object(avahi.DBUS_NAME, avahi.DBUS_PATH_SERVER), avahi.DBUS_INTERFACE_SERVER)

def new_service(interface, protocol, name, type, domain):
	print "Found service '%s' of type '%s' in domain '%s'" % (name, type, domain)

def remove_service(interface, protocol, name, type, domain):
	print "Service '%s' of type '%s' in domain '%s' disappeared." % (name, type, domain)

path = server.ServiceBrowserNew(avahi.IF_UNSPEC, avahi.PROTO_UNSPEC, "_http._tcp", "")
b = dbus.Interface(bus.get_object(avahi.DBUS_NAME, path), avahi.DBUS_INTERFACE_SERVICE_BROWSER)
b.connect_to_signal('ItemNew', new_service)
b.connect_to_signal('ItemRemove', remove_service)
gobject.MainLoop().run()

avahi-daemon
def cb_prepare(args):
        request = args["request"]
        query = request.getHttp().get('QUERY_STRING', '')

        if not query.endswith("&ignore") and not query == "ignore":
                data = request.getData()
                data["entry_list"] = filter(lambda e: not e.has_key('ignore'), data["entry_list"])

#ignore yes

?ignore
&ignore
import pysvn, os, sys, anydbm

from config import py

def get_mtime(fname):
        cache_fname = os.path.join(py['datadir'], 'SVNDATES')
        cache = anydbm.open(cache_fname, "c")

        if cache.has_key(fname):
                d = float(cache[fname])
        else:
                client = pysvn.Client(fname)
                l = client.log(fname)

                if len(l) > 0:
                        d = l[0]['date']
                        cache[fname] = str(d)
                else:
                        d = -1

                del client

        del cache
        return d

def cb_filestat(args):
        args["mtime"] = list(args["mtime"])
        d = get_mtime(args["filename"])
        if d >= 0:
                args["mtime"][8] = d
        return args

$datadir/SVNDATES

Type	Linux Mount Point	File System Choice
Linux “Boot” Partition	`/boot/`	Any Linux File System, typically ext2/ext3/ext4
ESP	`/boot/efi/`	vFAT

PCR	Purpose	Owner	Expected Value before UKI boot	Pre-Calculable
11	Measurement of UKI components and boot phases	OS Vendor	Zero	Yes (at UKI build time)
12	Measurement of kernel command line, additional kernel runtime configuration such as systemd credentials, systemd syscfg images	Administrator	Zero	Yes (when system configuration is assembled)
13	System Extension Images of initrd (and possibly more)	(Administrator)	Zero	Yes
15	Measurement of root file system volume key (Possibly later more: measurement of root file system UUIDs and labels and of the machine ID `/etc/machine-id`)	Local System	Zero	Yes (after first boot once ll such IDs are determined)

Resource	Needs Authentication	Needs Encryption	Suggested Technology	Validation/Encryption Keys/Certificates acquired via	Stored where
Shim	yes	no	SecureBoot signature verification	firmware certificate database	ESP
Boot loader	yes	no	ditto	firmware certificate database/shim	ESP/boot partition
Kernel	yes	no	ditto	ditto	ditto
initrd	yes	no	ditto	ditto	ditto
initrd parameters	yes	yes	systemd TPM encrypted credentials	TPM	ditto
initrd extensions	yes	no	`systemd-sysext` with Verity+PKCS#7 signatures	firmware/initrd certificate database	ditto
OS binary resources	yes	no	`dm-verity`	root hash linked into kernel image, or firmware/initrd certificate database	top-level partition
OS configuration and state	yes	yes	`dm-crypt` (LUKS) + `dm-integrity`	TPM	top-level partition
`/home/` itself	yes	no	`dm-integrity` with HMAC	TPM	top-level partition
User home directories	yes	yes	`dm-crypt` (LUKS) + `dm-integrity` in loopback files	User password/FIDO2/PKCS#11 security token	loopback file inside `/home` partition

Resource	Needs Authentication	Needs Encryption	Suggested Technology	Validation/Encryption Keys/Certificates acquired via	Stored where
Shim	yes	no	SecureBoot signature verification	firmware certificate database	ESP
Boot loader	yes	no	ditto	firmware certificate database/shim	ESP/boot partition
Kernel	yes	no	ditto	ditto	ditto
initrd	yes	no	ditto	ditto	ditto
initrd parameters	yes	yes	systemd TPM encrypted credentials	TPM	ditto
initrd extensions	yes	no	`systemd-sysext` with Verity+PKCS#7 signatures	firmware/initrd certificate database	ditto
OS binary resources, configuration and state	yes	yes	`dm-crypt` (LUKS) + `dm-integrity`	TPM	top-level partition
`/home/` itself	yes	no	`dm-integrity` with HMAC	TPM	top-level partition
User home directories	yes	yes	`dm-crypt` (LUKS) + `dm-integrity` in loopback files	User password/FIDO2/PKCS#11 security token	loopback file inside `/home` partition

Consumer Audio (i.e. PulseAudio)	Pro Audio (i.e. Jack)
Reducing power usage is a defining requirement, most systems are battery powered (Laptops, Cell Phones).	Power usage usually not an issue, power comes out of the wall.
Must support latencies low enough for telephony and games. Also covers high latency uses, such as movie and music playback (2s of latency is a good choice).	Minimal latencies are a definining requirement.
System is highly dynamic, with applications starting/stopping, hardware added and removed all the time.	System is usually static in its configuration during operation.
User is usually not proficient in the technologies used.^[1]	User is usually a professional and knows audio technology and computers well.
User is not necessarily the administrator of his machine, might have limited access.	User usually administrates his own machines, has root privileges.
Audio is just one use of the system among many, and often just a background job.	Audio is the primary purpose of the system.
Hardware tends to have limited resources and be crappy and cheap.	Hardware is powerful, expensive and high quality.

	sysvinit	Upstart	systemd
Interfacing via D-Bus	no	yes	yes
Shell-free bootup	no	no	yes
Modular C coded early boot services included	no	no	yes
Read-Ahead	no	no^[1]	yes
Socket-based Activation	no	no^[2]	yes
Socket-based Activation: inetd compatibility	no	no^[2]	yes
Bus-based Activation	no	no^[3]	yes
Device-based Activation	no	no^[4]	yes
Configuration of device dependencies with udev rules	no	no	yes
Path-based Activation (inotify)	no	no	yes
Timer-based Activation	no	no	yes
Mount handling	no	no^[5]	yes
fsck handling	no	no^[5]	yes
Quota handling	no	no	yes
Automount handling	no	no	yes
Swap handling	no	no	yes
Snapshotting of system state	no	no	yes
XDG_RUNTIME_DIR Support	no	no	yes
Optionally kills remaining processes of users logging out	no	no	yes
Linux Control Groups Integration	no	no	yes
Audit record generation for started services	no	no	yes
SELinux integration	no	no	yes
PAM integration	no	no	yes
Encrypted hard disk handling (LUKS)	no	no	yes
SSL Certificate/LUKS Password handling, including Plymouth, Console, wall(1), TTY and GNOME agents	no	no	yes
Network Loopback device handling	no	no	yes
binfmt_misc handling	no	no	yes
System-wide locale handling	no	no	yes
Console and keyboard setup	no	no	yes
Infrastructure for creating, removing, cleaning up of temporary and volatile files	no	no	yes
Handling for `/proc/sys` sysctl	no	no	yes
Plymouth integration	no	yes	yes
Save/restore random seed	no	no	yes
Static loading of kernel modules	no	no	yes
Automatic serial console handling	no	no	yes
Unique Machine ID handling	no	no	yes
Dynamic host name and machine meta data handling	no	no	yes
Reliable termination of services	no	no	yes
Early boot /dev/log logging	no	no	yes
Minimal kmsg-based syslog daemon for embedded use	no	no	yes
Respawning on service crash without losing connectivity	no	no	yes
Gapless service upgrades	no	no	yes
Graphical UI	no	no	yes
Built-In Profiling and Tools	no	no	yes
Instantiated services	no	yes	yes
PolicyKit integration	no	no	yes
Remote access/Cluster support built into client tools	no	no	yes
Can list all processes of a service	no	no	yes
Can identify service of a process	no	no	yes
Automatic per-service CPU cgroups to even out CPU usage between them	no	no	yes
Automatic per-user cgroups	no	no	yes
SysV compatibility	yes	yes	yes
SysV services controllable like native services	yes	no	yes
SysV-compatible /dev/initctl	yes	no	yes
Reexecution with full serialization of state	yes	no	yes
Interactive boot-up	no^[6]	no^[6]	yes
Container support (as advanced chroot() replacement)	no	no	yes
Dependency-based bootup	no^[7]	no	yes
Disabling of services without editing files	yes	no	yes
Masking of services without editing files	no	no	yes
Robust system shutdown within PID 1	no	no	yes
Built-in kexec support	no	no	yes
Dynamic service generation	no	no	yes
Upstream support in various other OS components	yes	no	yes
Service files compatible between distributions	no	no	yes
Signal delivery to services	no	no	yes
Reliable termination of user sessions before shutdown	no	no	yes
utmp/wtmp support	yes	yes	yes
Easily writable, extensible and parseable service files, suitable for manipulation with enterprise management tools	no	no	yes

	sysvinit	Upstart	systemd
OOM Adjustment	no	yes^[1]	yes
Working Directory	no	yes	yes
Root Directory (chroot())	no	yes	yes
Environment Variables	no	yes	yes
Environment Variables from external file	no	no	yes
Resource Limits	no	some^[2]	yes
umask	no	yes	yes
User/Group/Supplementary Groups	no	no	yes
IO Scheduling Class/Priority	no	no	yes
CPU Scheduling Nice Value	no	yes	yes
CPU Scheduling Policy/Priority	no	no	yes
CPU Scheduling Reset on fork() control	no	no	yes
CPU affinity	no	no	yes
Timer Slack	no	no	yes
Capabilities Control	no	no	yes
Secure Bits Control	no	no	yes
Control Group Control	no	no	yes
High-level file system namespace control: making directories inacessible	no	no	yes
High-level file system namespace control: making directories read-only	no	no	yes
High-level file system namespace control: private /tmp	no	no	yes
High-level file system namespace control: mount inheritance	no	no	yes
Input on Console	yes	yes	yes
Output on Syslog	no	no	yes
Output on kmsg/dmesg	no	no	yes
Output on arbitrary TTY	no	no	yes
Kill signal control	no	no	yes
Conditional execution: by identified CPU virtualization/container	no	no	yes
Conditional execution: by file existance	no	no	yes
Conditional execution: by security framework	no	no	yes
Conditional execution: by kernel command line	no	no	yes

	sysvinit	Upstart	systemd
Maturity	> 15 years	6 years	1 year
Specialized professional consulting and engineering services available	no	no	yes
SCM	Subversion	Bazaar	git
Copyright-assignment-free contributing	yes	no	yes

Pid Eins

Linux Boot Partitions

💽 Linux Boot Partitions and How to Set Them Up 🚀

File System Choices

File System Access Patterns

Boot Loader Updates

Boot Partition Discovery

Current Situation Summary

How to Do it Better

Addendum: You got RAID?

Addendum: Networked Boot

Brave New Trusted Boot World

🔐 Brave New Trusted Boot World 🚀

Problem Description

Proposed Construction

UKI Components

Basic UEFI Stub Execution Flow

TPM PCR Assignments

Signature Keys

TPM Policy Use

Boot Phases

Revocation/Rollback Protection

UKI Generation

Protection Coverage of SecureBoot Signing and PCRs

Whole OS embedded in the UKI

Proposed Implementations & Current Status

The UAPI Group

Glossary

Thanks

Fitting Everything Together

The Project

Design Goals

Hermetic /usr/

Initial Look at the Partition Table

Booting

Factory Reset

Modularity

More Modularity: Secondary OS Installs

Developer Mode

Democratizing Code Signing

Running the OS itself in a container

Parameterizing Kernels

Swap

Updating Images

Boot Counting + Assessment

Picking the Newest Version

Home Directory Management

Partition Setup

Trust Chain

File System Choice

OS Installation vs. OS Instantiation

Live Systems vs. Installer Systems vs. Installed Systems

Building Images According to this Model

Final Words

FAQ

How can you help?

Further Documentation of Used Components and Concepts

Earlier Blog Stories Related to this Topic

Testing my System Code in /usr/ Without Modifying /usr/

Running a Container off the Host /usr/

Requirements

Limitations

Authenticated Boot and Disk Encryption on Linux

The Strange State of Authenticated Boot and Disk Encryption on Generic Linux Distributions

The Basic Technologies

How Linux Distributions use these Technologies

Attack Scenarios

Are we Safe?

Can we do better?

In Detail

How to Authenticate the initrd

How to Authenticate the Binary OS Resources

How to Encrypt/Authenticate OS Configuration and State

How to Encrypt/Authenticate the User's Home Directory

Summary of Resources and their Protections

Recovery Keys

TPM PCR Brittleness

Anything Else?

FAQ

Can I implement all of this in my distribution today?

Hermetic `/usr/`

rpm/dpkg already cryptographically validates all packages at installation time (`gpg`), why would I need more than that?

Use #2: Booting an OS image on bare-metal without `/etc/fstab` or kernel command line `root=`

`systemd-tmpfiles`

`systemd-sysusers`

`systemd-machine-id-setup`

`systemd-firstboot`

`bootctl`

`coredumpctl`